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Abstract 

Circumscription has been recognized as an important principle for knowledge representa- 
tion and common-sense reasoning. The need for a circumscriptive formalism that allows for 
simple yet elegant modular problem representation has led Lifschitz (AIJ, 1995) to introduce 
nested abnormality theories (NATs) as a tool for modular knowledge representation, tailored 
for applying circumscription to minimize exceptional circumstances. Abstracting from this 
particular objective, we propose £circn which is an extension of generic propositional circum- 
scription by allowing propositional combinations and nesting of circumscriptive theories. As 
shown, NATs are naturally embedded into this language, and are in fact of equal expressive 
capability. We then analyze the complexity of £cmc an d NATs, and in particular the effect of 
nesting. The latter is found to be a source of complexity, which climbs the Polynomial Hierar- 
chy as the nesting depth increases and reaches PSPACE-completeness in the general case. We 
also identify meaningful syntactic fragments of NATs which have lower complexity. In partic- 
ular, we show that the generalization of Horn circumscription in the NAT framework remains 
coNP-complete, and that Horn NATs without fixed letters can be efficiently transformed into 
an equivalent Horn CNF, which implies polynomial solvability of principal reasoning tasks. 
Finally, we also study extensions of NATs and briefly address the complexity in the first-order 
case. Our results give insight into the "cost" of using £cmc (resp. NATs) as a host language 
for expressing other formalisms such as action theories, narratives, or spatial theories. 

Keywords: Circumscription, nested abnormality theories, computational complexity, Horn theo- 
ries, knowledge representation and reasoning, nonmonotonic reasoning 



1 Introduction 

Circumscription [33, 36. ^7|] is a very powerful method for knowledge representation and common- 
sense reasoning, which has been used for a variety of tasks, including temporal reasoning, diagnosis, 
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and reasoning in inheritance networks. The basic semantical notion underlying circumscription is 
minimization of the extension of selected predicates. This is especially useful when a predicate 
is meant to represent an abnormality condition, e.g., a bird which does not fly. Circumscription is 
applied to a formula <p, either prepositional or first-order, and it is used to eliminate some unintended 
models of ip. 



Since the seminal definition of circumscription in [36], several extensions have been proposed 



(see, e.g., Lifschitz's survey [34]), all of them retaining the basic idea of minimization. In this 
paper, we propose £circ> a language which extends prepositional circumscription in two important 
and rather natural ways: 

• on one hand, we allow the propositional combination of circumscriptive theories; 

• on the other hand, we allow nesting of circumscriptions. 

As for the former extension, we claim that it can be useful in several cases. As an example, we 
consider a scenario from knowledge integration. Suppose that two different sources of knowledge 
CIRC(<^i) and CIRC (^2), coming from two equally trustable agents who perform circumscription, 
should be integrated. Then, it seems plausible to take as the result the disjunction of the two sources, 
i.e., CIRC((/?i) V CIRC((/?2)-[] In jCcircs all propositional connectives are allowed. 

As for the latter extension, the concept of nested abnormality theories (NATs) has been proposed 



by Lifschitz [35], in order to enable a hierarchical application of the circumscription principle, 
which supports modularization of a knowledge base and, as argued, leads sometimes to more eco- 
nomical and elegant formalization of knowledge representation problems. Since then, NATs have 
been used by a number of authors and are gaining popularity as a circumscriptive knowledge repre- 
sentation tool. For example, NATs have been used in reasoning about actions [^5, 24, 31, 32, 48], for 



handling the qualification problem [|39|], formalizing narratives [|h, expressing function value min- 
imization information filtering [|T|], describing action selection in planning [47], and in spatial 



reasoning [43] 



As another simple example for combining circumscriptions, imagine the task to diagnose a mal- 
functioning artifact which is composed of modular components, e.g., a car. A piece of knowledge 
CIRC((^i) may model the behavior of a subpart, e.g., the engine, while another one CIRC ((^2) may 
model the behavior of the electrical part, and a plain propositional formula ip might encode some 
observations that are being made on the car. Then, by taking the circumscription of a suitable propo- 
sitional combination of ClRC(ipi), CTRC(^2)> and ip, unintended models for this scenario may be 
eliminated (see Section for a more concrete realization of model-based diagnosis). 

In this paper, we are mainly concerned with the computational properties of £circ an d NATs, 
and with the relationships of these formulas to plain circumscription in this respect. In particular, 
we tackle the following questions: 

• Can NATs be embedded into £circ> ie > lS there an (efficiently) computable mapping from 
NATs to equivalent £circ formulas? Here, different interpretations of "equivalence" are possible; 



'We remind that CIRC(yPi) V CIRC(<p2) ^ CIRC^i V ^2) in general (take, e.g., ipi — a A b and <p2 = b). 
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a strict one requires that Cqirc formulas and NATs are built on the same alphabets, and that their 
models must coincide. A more liberal one permits the usage of an extended alphabet for £circ 
formulas, such that the models of a NAT T correspond to the projection of the models of its trans- 
formation, mapping onto the original alphabet. 

• What is the precise complexity of reasoning under nested circumscription? By reasoning, we 
mean both model checking and formula inference from an £circ formula or a NAT. Note that 
methods for computing certain NATs, by reduction of circumscription axioms to first-order logic, 
have been developed; Su [ |4^ ] implemented a program called CS (Circumscription Simplifier), while 



Doherty et al. came up with their DLS algorithm [16], which has been refined by Gustafsson [28]. 



However, the precise complexity of NATs was not addressed in these works. 

• Is there a simple syntactic restriction of NATs (analogously, of £circ) for which some relevant 
reasoning tasks are not harder than reasoning in classical logic, or even feasible in polynomial time? 

We are able to give a satisfactory answer to all these questions, and obtain the following main 
results. 

(1) After providing a formal definition of £circ> we prove the main results about its complex- 
ity: model checking and inference are shown to be PSPACE-complete (the latter even for literals); 
moreover, complexity is proven to increase w.r.t. the nesting. It appears that nesting, and not propo- 
sitional combination, is responsible for the increase in complexity. 

(2) Similar results are proven for NATs in Section [| In this section, we also prove that every NAT 
can be easily (and with polynomial effort) translated into a formula of £circ using auxiliary letters, 
and thus NATs can be semantically regarded as a (projective) fragment of £ciro By virtue of the 
complexity results for NATs, we also provide complexity results for the corresponding syntactic 
fragment of £ C iRO 

(3) Given the high complexity of nested circumscription, we look for meaningful fragments of the 
languages in which the complexity is lower. In this paper, we identify Horn NATs, which are a 
natural generalization of Horn circumscriptions, as such fragments. It is proven in Section [| that 
here nesting can be efficiently eliminated if no fixed variables are allowed, and that both model 
checking and inference are polynomial. In particular, we provide the result that given a Horn NAT 
T without fixed letters, an unnested Horn NAT T' logically equivalent to T is constructive from T 
in time linear in the size of the input. 

(4) Furthermore, we show that also for general Horn NATs (i.e., where fixed letters are allowed), 
model checking is polynomial. Consequently, inference from a Horn NAT is in coNP (and thus, by 
virtue of results on inference from a Horn circumscription in [||], coNP-complete). This shows that 
in general, nesting does not add to the complexity of Horn NATs. On the other hand, we show that 



the use of predicate maximization, proposed in [ 35 ] as a convenient declaration primitive, increases 



the complexity of Horn NATs, which climbs the polynomial hierarchy and reaches PSPACE if the 
nesting depth is unlimited. 
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(5) Finally, we compare £circ an d NATs to other generalizations of circumscription, in particular 



to the well-known method of prioritized circumscription [33, 34] and to theory curbing [20, 19]. 
Prioritized circumscription can be modeled in a fragment of £circ> which has the same complexity 
and expressivity as ordinary (unnested) circumscription. On the other hand, for theory curbing, 
both model checking and inference are like for £ C IRC and NATs PSPACE-complete jlj]. Our main 
result of the comparison concerns the expressiveness of £circ an d NATs, which appears to be lower 
than in curbing: in particular, unless some unexpected collapse in complexity classes occurs, there 
is no fixed £circ expression that expresses any PSPACE-complete problem, while we present a 
curb expression of this kind. 

As side results, we provide methods for efficiently eliminating fixed letters from £ciRC formulas 
and from NATs, respectively. 

Our results prove that the expressive power that makes £circ and NATs useful tools for the mod- 
ularization of knowledge has indeed a cost, because the complexity of reasoning in such languages 
is higher than reasoning in a "flat" circumscriptive knowledge base. Anyway the PSPACE upper 
bound of the complexity of reasoning, and the similarity of their semantics with that of quantified 
Boolean formulas (QBFs), makes fast prototype implementations possible by translating them into 



a QBF and then using one of the several available solvers, e.g., [|44|]. This approach could be used 
also for implementing meaningful fragments of NATs, such as the one in [Q], although this might 
be inefficient, like using a first-order theorem prover for propositional logic. 

Given that QBFs can be polynomially encoded into NATs, we can show that nested circumscrip- 
tion is more succinct than plain (unnested) circumscription, i.e., by nesting CIRC operators (or 
NATs), we can express some circumscriptive theories in polynomial space, while they could be 
written in exponential space only, if nesting were not allowed. In this sense, we add new results to 
the comparative linguistics of knowledge representation [|26|]. 

The rest of this paper is structured as follows. The next section contains some necessary prelim- 
inaries and fixes notation. After this, we introduce in Section |3| the language £circ> defining its 
syntax and semantics, and determine its complexity. In Section [l], we then turn to nested abnormal- 
ity theories; we show how NATs can be embedded into £circ> and by means of this relationship, 
we derive the complexity results for the case of general NATs. In the subsequent Section |5[ we 
then focus our attention to the syntactic class of Horn NATs. Section || addresses further issues and 
presents, among others, some results for the first-order case and linguistic extensions to NATs, while 
Section compares NATs and £circ to some other generalizations of circumscription, in particu- 
lar to prioritized circumscription and to curbing. The final Section [j| draws some conclusions and 
presents open issues for further work. 



2 Preliminaries 

We assume a finite set At of propositional atoms, and let C(At) (for short, C, if At does not matter 
or is clear from the context) be a standard propositional language over At. An interpretation (or 
model) M is an assignment of truth values (false) or 1 (true) to all atoms. As usually, we identify 
M also with the set of atoms which are true in M. The projection of a model M on a set of atoms 
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A is denoted by M[A|. Furthermore, for any formula ip and model M, we denote by (p[M] resp. 
<^[M[A|] the result of substituting in ip for each atom resp. atom from the set A the constant for its 
truth value. 

Satisfaction of a formula p by an interpretation M, denoted M \= cp, is defined as usual; we 
denote by mod(ip) the set of all models of ip. Capitals P, Q, Z etc stand for ordered sets of atoms, 
which we also view as lists. If X = {xi, . . . , x n } and X' = {x[, . . . , x' n }, then X < X' denotes 
the formula /\™ =1 (xj — > x'A. 

We denote by <p-z the preference relation on models which minimizes P in parallel while Z 
is varying and all other atoms are fixed; i.e., M <p-z M' (M is more or equally preferable to 
M') iff M[P] C M'[P] and M[Q] = M'[Q], where Q = At \ P U Z and C and = are taken 
componentwise. As usual, M <p ; z M' stands for M <p ; z M' AM / M' . 

We denote by CIRC(<^; P; Z) the second-order circumscription [ |33| ] of the formula y> where the 
atoms in P are minimized, the atoms in Z float, and all other atoms are fixed, defined as the follow- 
ing formula: 

CIRC(^; P; Z) = ip[P; Z] A V P' 'Z \{p[P '; Z']AP'<P)->P< P')- (!) 

Here P' and Z' are lists of fresh atoms (not occurring in tp) corresponding to P and Z, respectively. 
The second-order formula ([[]) is a quantified Boolean formula (QBF) with free variables, whose 
semantics is defined in the standard way. Its models, i.e., assignments to the free variables such that 
the resulting sentence is valid, are the models M of ip which are (P; Z)-minimal, where a model M 
of ip is (P; Z)-minimal, if no model M' of ip exists such that M' < p-z M. 



2.1 Complexity classes 

We assume that the reader is familiar with the basic concept and notions of complexity theory, 
such as P, NP, complete problems and polynomial-time transformations; for a background, see 



[30, i0]. We shall mainly encounter complexity classes from the Polynomial Hierarchy (PH), which 
is contained in PSPACE. We recall that P = = NP = Sf , coNP = nf , Sf +1 = NP E fc , 
and nf = co-Ef , k > 1, are major classes in PH. The class D£ = {L x V \ L £ Sf , V £ nf }, 
k > 0, is the "conjunction" of Sf and nf ; in particular, is the familiar class D p . All the 
classes with k > 1 have complete problems under polynomial-time transformations, and canonical 
ones in terms of evaluating formulas from certain classes of QBFs. The problems in the class 
Af +1 [0(log n)} are those which can be solved in polynomial time with 0(log n) many calls to an 
oracle for Sf, where n is the input size. 

A complexity class C is called closed under polynomial conjunctive reductions, if the existence 
of any polynomial-time transformation of problem A into a logical conjunction of (polynomially 
many) instances of a fixed set of problems A\, . . . ,Ai in C in implies that A belongs to C. Note 
that many common complexity classes are closed under polynomial conjunctive reductions. In 
particular, it is easily seen that this holds for all complexity classes mentioned above. 
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3 Language £ C irc 



The language £ciRC extends the standard propositional language C (over a set of atoms At) by 
circumscriptive atoms. 

Definition 3.1 Formulas of £circ are inductively built as follows: 

1. a E £ciRC> for every a E At; 

2. if if, ip are in £ciRC> then cp A ip and -up are in £ciRC/ 

3. if cp E £ciRC a nd P, Z are disjoint lists of atoms, then ClRC(cp; P; Z) is in £ciRC (called 
circumscriptive atom). 

Further Boolean connectives (V, — etc) are defined as usual. The semantics of any formula ip from 
£circ is given in terms of models of a naturally associated QBF r(cp), which is inductively defined 
as follows: 

1. r(a) = a, for any atom a E At; 

2. r(cp Aip) = r(cp) A r(ip); 

3. r(-iip) = -it(<p); and 

4. T{CIRC{cp;P;Z)) = r((p[P; Z]) A MP' Z'({r{cp[P'; Z'\) A P' < P) -> P< P')- 

Note that in ^, the second-order definition of circumscription is used to map the circumscriptive 
atom to a QBF which generalizes the circumscription formula in ([[]). In particular, if tp is an or- 
dinary propositional formula (tp E £), then r(CIRC((^; P; Z)) coincides with the formula in ([]]). 
Furthermore, observe that £circ permits replacement by equivalence, i.e., if ip\ and ip2 are logi- 
cally equivalent formulas from £circ an d occurs in formula ip, then any formula resulting from 
cp by replacing arbitrary occurrences of ip\ in ip by ip2 is logically equivalent to cp. 

Example 3.1 Consider the formula 

ip = CIRC (CIRC (a V b; a; b) V CIRC (6 V c; b; c); a; c). 
Since CIRC (a V b; a; b) = (b A ->a) and CIRC (b V c; 6; c) = (c A -.&), we get 

r(<p) = CIRC((6 A -.a) V (c A -.6); a; c). 
From rule 4, we get by applying ordinary circumscription that 

r(cp) = (->o A -16 A c) V (-ia A 6) = -ia A (6 V c). 

□ 

As usual, we write M \= cp if M is a model of <£> (i.e., M satisfies cp), and cp \= ip if ^ is a logical 
consequence of cp, for any formulas and ip from £ciRO 
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3.1 Complexity results 



Let the CIRC-nesting depth (for short, nesting depth) of cp G £circ> denoted nd{p), be the maxi- 
mum number of circumscriptive atoms along any path in the formula tree of cp. 

Theorem 3.1 Model checking for £circ> i- e -> deciding whether a given interpretation M is a model 
of a given formula <p € £ciRC> is PSPACE-complete. Ifnd{cp) < kfor a constant k > 0, then the 
problem is ( i) 11^ -complete, if cp is a circumscriptive atom CIRC^; P; Z), and ( ii) A^ +1 [0(log un- 
complete in general. 

Proof: By an inductive argument, we can see that for any circumscriptive atom <p = CIRC( , 0; P] 
Z) such that nd(cp) < k for constant k, deciding M \= <p is in nf . Indeed, if k = 1, then cp is an 
ordinary circumscription, for which deciding M \= ip is well-known to be in coNP = flf, cf. [18]. 



Assume the statement holds for k > 1, and consider k' = k + 1. Note that M y= <p iff either (a) 
M \/= ip or (b) some model N exists such that N < p-z M and N \= ip. By the induction hypothesis, 
we can guess N and check whether either (a) or (b) holds for this N in polynomial time using a 11^ 
oracle. It follows that deciding M (= <p is in n^ +1 , as claimed. This establishes the membership 
part for (i). If nd{p) = k but k is not fixed, we obtain similarly that deciding M \= cp is possible 
by a recursive algorithm, whose nesting depth is bounded by nd{p) and which cycles through all 
possible candidates N for refuting M, in quadratic space. Since any £circ formula p is equivalent 
to the circumscriptive atom CIRC(^>; 0; 0), deciding M (= cp is thus in PSPACE in general. 

For the membership part of (ii), observe that p is a Boolean combination of ordinary and circum- 
scriptive atoms cpi,... , p rn such that nd(ipi)) < k holds for i € {1, ... , m}. Deciding M \= p is 
easy if the values of all pi in M are known; by (i), they can be determined in parallel with calls to 
oracles. Thus, deciding M \= cp is possible in A^ +1 ||, i.e., in polynomial time with one round 
of parallel oracle calls. Since, as well-known, Aj^ +1 || = A^ +1 [0(logn)] (see [5C] for k = 1, 
which easily generalizes), this proves the membership part for (ii). 

PSPACE-hardness of deciding M \= cp for general p and n^-hardness for (i) can be shown by 
a reduction from evaluating suitable prenex QBFs. We exploit that nested abnormality theories 



(NATs) can be easily embedded into £circ in polynomial time (cf. Proposition |4.3| ), and thus a 
slight adaptation of the reduction of QBFs to model checking for NATs in the proof of Theorem 4.1 1 
proves those hardness results. In particular, we perform the reduction there for empty X n+ \ (the 
formulas <p g and p c , which become tautologies, can be removed), and observe that in this case, each 
auxiliary letter p € A* (T) is uniquely defined by some formula u <-> p or u <-> -<p, respectively, 
in some TJ. Thus, the problem M \= in the proof of Theorem 4.11| can be reduced, for empty 



X n+ i, in polynomial time to an equivalent model checking problem M* \= n*{T^) for £circ- It 
follows that model checking for £circ is PSPACE-hard in general and n^-hard in case (i). 

The A^ +1 [O (log n)] -hardness part for the case where cp is a Boolean combination of formulas 
pi, . . . , p m € ^circ suc h that max{nd(pi) \ i E {1, . . . , m}} < k is then shown by a reduction 
from the problem of deciding, given m instances (Mi, p\), . . . ,(M n ,p m ) of the model check- 
ing problem for circumscriptive atoms on disjoint alphabets At\, . . . , At m , respectively, whether 
the number of yes-instances among them is even. The A^ +1 [0(logri)]-completeness of this prob- 
lem is an instance of Wagner's [|^] general result for all IT^-complete problems. Moreover, we 
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may assume that m is even and use the assertion (cf. ||50|]) that (Mj, ipi) is a yes-instance only if 
(Mj + i, (fi+i) is a yes-instance, for all i G {1, . . . , m — 1}. Then, we can define 

0<2i<m 

where e is a fresh letter. The interpretation M = IJI^i M U {e} is a model of p if and only if 
the number of yes-instances among (M\,<p{), . . . , (M m , <p m ) is even. Clearly, p> and M can be 
constructed in polynomial time. □ 



Theorem 3.2 Deciding, given formulas (p,ip G £circ whether ip \= ip is PSPACE-cofnplete. 
Hardness holds even ifip&CIf the nesting depth of p and is bounded by the constant k > 0, 

I p - 

i fc+i 



then the problem is i -complete. 



Proof: The problem is in PSPACE (resp., n^ +1 ): By Theorem QA\, an interpretation M such that 
M |= cp A -rip can be guessed and verified in polynomial space (resp., in A^ +1 [0(logre)], thus in 
polynomial time with an oracle for IT P ). Hence the problem is in NPSPACE = PSPACE (resp., in 
n^ +1 ). Hardness follows from the polynomial time embedding of NATs into £ciRC (Corollary 4.4) 
and Theorem ^ below. □ 

As an immediate corollary, we obtain the following results for the satisfiability in £ciRC- 

Corollary 3.3 Deciding satisfiability of a given formula p G £circ w PSPACE-complete. If the 
nesting depth is bounded by a constant k > 0, then the problem is T,^ +1 -complete. 

Observe that some of the hardness proofs in this section make use of results from Section ||. 
In turn, the membership results for reasoning problems in £circ will t> e convenient to establish 
membership results for some of the problems considered there. 



4 Nested Abnormality Theories (NATs) 



In this section, we turn to Lifschitz's [35] formalization of nested circumscription, which we intro- 



duce here in the propositional setting (see Section 6.3 for the predicate logic context) 



We assume that the atoms At include a set of distinguished atoms Ab = {abi, . . . , ab^} (which 
intuitively represent abnormality properties). 

Definition 4.1 Blocks are defined as the smallest set such that if c\ , . . . ,c n are distinct atoms not 
in Ab, and each of B\, . . . , B m is either a formula in C or a block, then 

B = {ci, . . . , c n : Bi, . . . , B m }, 

is a block, where c\ , . . . ,c n are called described by this block. The nesting depth of B, denoted 
nd{B), is if every Bi is from the language C, and 1 + m&x{nd(Bi) \ 1 < i < m} otherwise. 
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Definition 4.2 A nested abnormality theory (NAT) is a collection T = B\, . . . ,B n of blocks ;^its 
nesting depth, denoted nd(T), is defined by nd(T) = m&x{nd(Bi) | 1 < i < n}. 



Example 4.1 This is a propositional version of the example in section 3. 1 of [p5y. T is the follow- 
ing NAT with two blocks: 

{/: /-a&, B}, 

where block B is defined as: 

{/: bA^ab^f, c -► b, c}. 

Letters /, b, and c stand for "flies", "bird", and "canary", respectively. The outer block describes 
the ability of objects to fly; the inner block B gives more specific information about the ability of 
birds to fly. □ 

The semantics of a NAT T is defined by a mapping <r(T) to a QBF as follows: 

a{T) = /\ a(B), (2) 
BeT 

where for any block B = {C : B±, . . . , B m }, 

a{B) = ^Ab.Cmc( t\T =1 (j{Bi)\Ab-,C) (3) 



given that a(tp) = (p for any formula ip € C. Satisfaction of a block B (resp., NAT T) in a model 
M is denoted by M \= B (resp., M \= T). 

A standard circumscription CIRC(<^; P; Z), where <p € C, is equivalent to a NAT T = {Z : ip} 
where P is viewed as the set of abnormality letters Ab; notice that nd(T) = 0. However, in this 
expression, the letters P are projected from the models of T. Furthermore, any ordinary formula 
ip £ C(At \ Ab) is logically equivalent to the NAT { : ip}. 

Remark 4.1 By our definitions, a model M of a block B comprises all letters, At, including Ab, 



which is not the case according to [35]. More rigorously, we would need to use abnormality letters 
as 0-ary predicate (i.e., propositional) variables and distinguish them from the other letters, which 
are 0-ary predicate constants. For the purpose of this paper, it simplifies the discussion to have 
models of blocks and NATs on an alphabet which has Ab also constants; our results are not affected 
by this in essence. Note that M can take any value on Ab for B, since by a(B) as in (||), the 
valuation of Ab as a variable in 3Ab is locally defined and projected away via the quantifier. 

For later use, we note the following simple characterization of the models of a block. 



In ffiyjj, the collection may be infinite. For our concerns, only finite collections are of interest. 
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Proposition 4.1 Let M be an interpretation of all letters in At and B = {C : B±, . . . , B m } a 
block. Then M \= B if and only if there exists a model M* which extends M[At \ Ab] (i.e., 
M[At \ Ab] = M* [At \ Ab}) and is a (Ab; C)-minimal model of B h . . . , B m . 

We call any model M* as in the previous proposition a witness extension of M (w.r.t. B); if M is 
a witness extension of itself (i.e., M = M*), then we call M a witness model of B. Thus, M is a 
witness model of B precisely if M \= CIRC ( A™ =1 er(A); Ab; c) holds. 



Example 4.1 (cont.) The semantics a(T) of T can be easily obtained using the above definition: 

a(T) = a({f : / -» ab}) A a({f : B}) 

= f -> ab A 3A6.CIRC(6 A ->a6 — > /, c -» 6, c; a6; /) 
= f —>■ ab A 3Ab.ClRC{c A 6 A (/ V ab); a6; /) 
= / -> aft A 3A6.(c A 6 A / A ^a6) 
= f —> ab A (c A 6 A /) 
= f A ab A c A b. 

Note that {c, 6, /, ->a6} is a witness model of I?. □ 
The following useful proposition states that we can easily group multiple blocks into a single one. 

Proposition 4.2 Let T = B 1} . . . , B n be any NAT. Let T = {Z : Bi, . . . , B n } where Z is any 
subset of the atoms (disjoint with Ab). Then, T and T have the same models. 

Indeed, T has void minimization of Ab (making each abj in Ab false), and fixed and floating 
letters can have any values. 



4.1 Embedding NATs into £circ 

In the translation <r(T), the minimized letters Ab are under an existential quantifier, and thus se- 
mantically "projected" from the models of the formula CIRC(- • • ) (recall that Ab, which is by our 
convention respected by models of cr(T), has arbitrary value in them.) We can, modulo abnormality 
and auxiliary letters, eliminate the existential quantifiers from the NAT formula a(T) as follows. 

Definition 4.3 Let, for any NAT T, bea*(T) the formula obtained from a (T) as follows: 

1. Rename every quantifier 3Ab in o~(T) such that every quantified variable is different from 
every other variable. 

2. In every circumscriptive subformula CIRC(c/?; P; Z) of the renamed formula, add to the float- 
ing atoms all variables which are quantified in ip (including in its subformulas). 

3. Drop all quantifiers. Let A*(T) denote the set of all variables whose quantifier was dropped. 

Note that the size of <r*(T) is polynomial (more precisely, quadratic) in the size of cr(T), and 
also quadratic in the size of T. 
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Example 4.2 Let Ab = {061,062} and T = {z : T\, ab\ <-> z}, where T\ = {z : ab\ «-> 

-ia&2j 061 ^ -2}- Then, 



cr(T) = 3a6i, 062- CIRC (ex (71) A (ab\ «->z); a6i, 062! z), where 
<t(7i) = 3a6i, a62-CIRC((a6i <-> -1062) A (afei ^ z); a6i, 062; z). 

In Step 1, we rename ab\ and 062 in a(Tx) to 063 and 064, respectively, and add in Step 2 063, 064 
to the floating letter z of T. After dropping quantifiers in Step 3, we obtain: 

a*(T) = CIRC(er*(7i) A [ab x z); a6 1; a& 2 ; a& 3 , 064), 
<j*(Ti) = CIRC((af)3 <-> -1064) A (063 <-> z); 063, 064; 2). 

Furthermore, yl*(T) = {061,062,063,064}. □ 
The following result states the correctness of a*. 

Proposition 4.3 For any NAT T, o~(T) otio* o~*(T) are logically equivalent modulo A*(T). More- 
over, ifT is a single block B and renaming takes place inside the nesting, then an interpretation M 
of At is a witness model ofT if and only if M = N[At]for some model N of o~*(T). 

Proof: We prove the result for any T which is a single block B by induction on k > given 



nd(T) < k. The equivalence result for arbitrary T follows then from Proposition i2, In what 
follows, we use the obvious fact that the models and the witness models of B coincide modulo Ab. 

(Basis) If k = 0, then cr(T) is an ordinary circumscription 3y46.CIRC(<^; Ab; Z) where ip G L. 
Clearly, every witness model M of <r(T) (in the alphabet At) is, modulo possible renamings of 
letters from Ab in a*(T), a model of cr*(T) (in the alphabet (At \ Ab) U A*(T)), and vice versa. 
Thus the statements hold in this case. 

(Induction) Assume the statements hold for k > 0. Let T be a single block B = {Z : B\, . . . , 
B n } of nesting depth nd(B) = k + 1. Then, a(T) = 3Ab.ClRC((p; Ab; Z) where ip = /\ i a(Bi). 
Suppose <t*(T) = CIRC(</? / ; Ab'; Z') where ip' = A ti a*(Bi), such that, without loss of generality, 
Ab' = Ab (i.e., renaming in Step 1 of cr*(T) takes place inside the nesting) and B-y, . . . ,Bi (I < n) 
are all the blocks Bi in B such that B { e C. Note that Z' = ZU \J7=i+i Ah, where Ab { are the 
abnormality letters in o~*(Bi); note that the sets Abi + \, . . . , Ab n and Ab are pairwise disjoint. 

Let M be any witness model of B, i.e., M \= CIRC(ip; Ab; Z) . We show that cf*(T) has a 
model N such that M = N[At]. Since M \= p, we have M \= a(Bi), for i E {1,... ,n}. 
Thus, M \= a*{Bi), if i < I, since a*(B { ) = a{Bi) (=B { ). For i > I, a{Bi) is of the form 
3Ab.CIRC(pi; Ab; Zi). By the induction hypothesis, there is a truth assignment z/j to Ab* such 
that the extension of M to Ab* by v { is a model of a*(Bi) = CIRC (p^; Ab' { ; Z'A. Since the sets 
Ab*, j, . . . , A6* and ^46 are pairwise disjoint, the extension of M to Uf=i+i Ab* by f/+i, ... , v n , 
denoted N, is therefore a model of p'. Furthermore, it holds that |= CIRC(<^'; Ab'; Z'). Indeed, 
assume towards a contradiction that some model N' of ip' exists such that N' <AV;Z' N. Then, 
projected to the letters of a*(Bi), N' is a model of a*(Bi), for each i 6 {1, . . . , n}. The induction 
hypothesis implies that M' := N'[At] is a model of each a(Bi), and thus M' \= p. Since Ab = Ab', 
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we have M' <Ab,z M, and thus M is not an (Ab; Z)-minimal model of tp. This contradicts that 
M is a witness model of B. Consequently, N |= CIRC(^'; Ab'; Z'). Thus, N is a model of cr*(T) 
such that M = N[At]. 

Conversely, let N be a model of a*(T). Then, for each i G {1, . . . , n}, the projection of N to 
the letters for a*(Bi), denoted iVj, is a model of a*(Bi). Thus, iVjfAt] if 2 < /, and, as follows 
from the induction hypothesis, Ni[At \ Ab*] if i > I is a model of cr(Bi). Hence, M := iVpli] is a 
model of <p. Moreover, M is an (Ab; Z)-minimal model of (p. Indeed, suppose that M' <Ab,z M 
is a smaller model of <p. Since M' \= <j(B{), for i G {1, . . . , n}, we have M' |= <j*(B{) if 
i < Z and, by the induction hypothesis, there exists an extension N- of M[\At \ Ab\ to Ab* such 
that \= <j*(Bi), for each i G {I + 1, . . . , n}. Since the sets -A* +1 , . . . , A* n and are pairwise 
disjoint, N' = M' U (J™ =;+1 iVj extends M' to U™=i+i such that N ' h ^ and ^' <Afe;Z' 
This implies that iV is not a model of <t*(T), which is a contradiction. This shows that M is an 
(Ab; Z)-minimal model of <p. Consequently, M is a witness model of T. 

Thus, the statements hold for k + 1, which concludes the induction. □ 



Corollary 4.4 Modulo the letters A*(T), NATs are (semantically) a fragment of £ciRC> an d poly- 
nomial-time embedded into £circ c*- 

We remark that auxiliary letters seem indispensable for an efficient embedding of NAT into 
£cmc; intuitively, they are needed in compensation for repetitive local use of projected abnor- 
mality letters. Notice that it is not possible to add in Step 2 of the embedding a*(T) the quantified 
variables in ip to the fixed atoms. This is shown by the following example. 



Example 4.3 Reconsider the NAT T in Ex. X.2. Note that is the unique model of a(T). The 



formula a*(T{) has, if we disregard a&i,a&2 (which are fixed in it), the models M\ = {abs,z} 
and A/2 = {064}. They give rise to the two models A r i = {ab±, z,abs} and A^2 = {ab^} of 
o~*(Ti) A (ab\ <-> z), of which is (abi, 062; abs, ab^, z)-minimal. 
However, if 063, 064 were fixed in a*(T), then both N\ and A2 would be models of a*(T), as 



they are (abi, 062! z)-rninimal. Therefore, Proposition 4.3 would fail. □ 



We finally remark that £circ formulas can be embedded, modulo auxiliary letters, into equivalent 
NATs in polynomial time. This can be seen from the fact that £ciRC formulas can be embedded 
into QBFs (having free variables) in polynomial time, and that such QBFs can be embedded, using 
auxiliary letters, into NATs in polynomial time (cf. also the next section). However, by the limited 
set of constructors in NATs, and in particular the lack of negation applied to blocks, a simple and 
appealing polynomial-time embedding of £circ mt o NATs seems not straightforward. 



4.2 Complexity of NATs 

Ordinary circumscription can express a QBF sentence <I> = \/X3Yi/j (where ip G C) as follows. Let 
u be a fresh atom. 

Proposition 4.5 (cf. []I8[]) $ is true if and only ifdRC(ip; u; Y) \= -<u, where ip = tp V u. 
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This circumscription can be easily stated as a NAT. Set 



T\ = {Y, u : cp,u <-> ab}. 



Then Proposition 4.5 implies that T\ \= ->u iff <fr is true. Recall that M[S] denotes the assignment 
to the atoms in S as given by M. Then, every model M of T\ must be, if we fix the atoms in X to 
their values in M, a model of ip such that M \= u if and only if i/i[M[X]] is unsatisfiable. 

Starting from this result, we prove PSPACE-hardness of inference T |= <p from a NAT T. The 
basic technique is to introduce further variables as parameters V into the formula $> from Proposi- 



tion 4.5, which are kept fixed at the inner levels. At a new outermost level to be added, the letter u 
is used for evaluating the formula at a certain level. We must in alternation minimize and maximize 
the value of u. 

Consider the case of a QBF $ = VX3Yip[V], where V are free variables in it, viewed as "pa- 
rameters". We nest T\ into the following theory T 2 : 

T 2 = {X, Y, u : 7~i, u <-> -*ab} 

This amounts to the following circumscription: 

cr(T 2 ) = 3a6.CIRC(3a6.CIRC((/5 A (u^ab); ab; Y, u) A (u^^ab); ab; X,Y,u). 

The outer circumscription minimizes ab and thus maximizes u. The formula o-(T 2 ) is, by Proposi- 
tion modulo the atoms a\ and a 2 equivalent to the formula 

a*{T 2 ) = CIRC(cr*(7i) A (w^^a 2 ); a 2 ; X, Y, u, a\), 
cr*(Ti) = CIRC(<£> A (u<->ai); a±; Y, u). 

The following holds: 

Proposition 4.6 T 2 \= u if and only if for every truth assignment v to V, the QBF 3X\/Y ^il)\v(y)\ 
is true (i.e., $[^(V)] is false). 

Proof: (<=) Suppose T 2 \/= u. Then, there exists a model M of T 2 such that M \= -iu. Since 
M' \= a 2 holds for any model M 1 of cr*(T 2 ) which extends M to ai,a 2 , we conclude that every 
model N of a*(T x ) A (u <-> ^a 2 ) such that N[V] = M[V] satisfies N \= a 2 A (otherwise, 
N <o 2 ;Xuyu{u,ai} M would hold, which contradicts that M is a model of a*(T 2 )). Since V U X is 
fixed in Ti, it is clear that every assignment v to (V U X) which extends M[V] can be completed to 
a model M v of a*(Ti). By minimality of M, we have M v |= -nt, and thus M |= ^[z^(y U X)]. In 
other words, VXay^^^]] is true > which means that VXJY-<ip[v(V)} is false for v(V) = M[V]. 

(=>■) Assume the assignment ^(V) is such that \/X3Yi/;[i'(V)] is true. Let M be any model such 
that M[V] = v(V), M \= ip, and M \= a 2 A A -ioi. Then M is a model of a*(T 2 ). Indeed, 
cleai4y M is a model of a*(T\), since M \= ip A (u <-> ai) and the minimized letter ai is false in M. 
Furthermore, M |= u <-> -102- It remains to show that there is no model N of er*(7i) A (u <-> -ia 2 ) 
such that <a 2 ;Xuy{u,ai} M. Suppose such an N would exist. Then, N \= u, and we obtain 
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that ip[N[V U X}] is unsatisfiable. Since N[V] = M[V] = u(V), this means that VX3Yif>[v(V)] 
is false. This is a contradiction, and thus N can not exist. It follows that M is a model of a*(T2). 
Since M \= -<u, the proposition is proved. □ 

A consequence of the preceding proposition is that deciding, given a NAT T 2 of nesting depth 1 
and ip G C, whether T 2 \= t/j is nf-hard. 
We generalize this pattern to encode the evaluation of a QBF 

$ = QnXnQn-lXn-l ■ " ■ VX 2 3X^, n > 1, (4) 

where the quantifiers Qi alternate, into inference T \= tp from a NAT T as follows. 
Let ip = ip V u, where u is a fresh atom. Define inductively 

T\ = {Xi,u : <p,u «-» afc}, 

^fc = {^1, • • • ,X 2k ,u : T 2k -i,u <-> -iafe}, for all 2/c G {2, ... , n}, 
T^+i = {Xi, ... ,X 2 fe+i,« : T 2k ,u <-+ ab}, for all 2k + 1 G {3, . . . ,n}, 

and let To = { : v?}. Note that To is equivalent to 99, and that nd(Ti) = i — 1, for all i G {1, . . . , n}, 
while nd(To) = 0. We obtain the following. 

Lemma 4.7 For every n > 1 and possible truth assignment v{X n ) to X n , T n -\ has some model 
extending v(X n ), and 

• ifn is odd, then T n -\ (= u if and only if& is false, i.e., ZJ frwe; 

• ifn is even, then T n -\ \= —>u if and only if& is true. 

Proof: The proof of this statement is by induction on n > 1. For n = 1, clearly T has for 
each truth assignment v{X{) some model (just assign u value true), and Tq \= u if and only if 
<I> = 3Xiip is false. Suppose that the statement holds for n > 1 and consider n + 1. Consider 
any truth assignment 1/ = zv(X n+ i) to X n+ i, and let TJ be the NAT Tj for ^ = &[v(X n+ x)], 
j G {0, . . . , n}. Then, the induction hypothesis implies that 7%_i has some model, which can be 
extended to some model of u <-» aft (resp., u <-» -ia&), and thus to all blocks in 7%. Since the 
variables X n+ i are fixed in T"„, also T n must have a model which extends v(X n+ i). Thus, the first 
part of the statement holds. 

For the second part, assume first that n+ 1 is odd. Then, n is even, and by the induction hypothesis 
T^-i H _1 ' u iff ^ i s true - Since u <-> -iafr is a block of T n and X n floats in T ri (while it is fixed 
in T^_i), it follows from minimization of ab that every model M of T n such that MfX^+i] = 
u(X n+ i) satisfies u iff T^-l ~* u > i- e > ® v i s f a l se - Since the letters X n+ \ are fixed in T n , it 
follows that T n \= u iff is true for all truth assignments which is equivalent to <I> 

being false. Thus the statement holds in this case. 

The case where n + 1 is even is similar. By the induction hypothesis, T^'_ 1 |= u iff <& u is false. 
Since u <-> aft is a block of T^ and X n floats in T^ for minimizing aft, every model M of T^ such 
that M[X n+ i] = u(X n+ i) satisfies ->u iff V 1 u, i-e., & u is true. Since X n+ \ is fixed in T^, 
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it follows that T n \= iff & u is true for all truth assignments u(X n+ i), i.e., $ is true. Thus, the 
statement holds also in this case, which completes the induction step. □ 

We now turn to the problem of model checking. By our embedding of NATs into nested circum- 
scription, we obtain the following upper bound for this problem. 

Lemma 4.8 Model checking for NATs, i.e., deciding whether a given interpretation M is a model 
of a given NATT, is in PSPACE. Ifnd(T) < kfor constant k > 0, then it is in S^ +2 . 



Proof: By Proposition M \= T (thus equivalently, M \= cr(T)) if and only if there exists 



some interpretation M* which extends M[At\Ab] to A*(T) such that M* \= a*(T). By definition, 



<7*(T) = Ai=i Ai A Ajli <Pj i s a conjunction of circumscriptive atoms A4 and ordinary formulas 
ifj G C((At \ Ab) U A* (T)). Thus, we can decide M \= cf(T) by guessing a proper M* and check 
that M* \= Ai and M* \= ipj, for all A { and tpj. We observe that nd(Ai) < k + 1 holds, since 



nd(a(T)) = nd(a*(T)) < nd(T) + 1. Thus, by Theorem |3Tj each M* \= A { can be decided by 
a call to a n^ +1 oracle; deciding M* \= cpj is polynomial, for every tpj. 

Since <r*(T) and A*(T) are constructible from T in polynomial time, it follows that deciding 
M \= a*{T), and thus M \= T, is in Sf +2 . □ 



The construction in Lemma nl\ shows a polynomial-time encoding of QBF evaluation into in- 



ference from a NAT. In turn, Proposition 4.3 shows that a NAT can be polynomially embedded 
into an £circ formula. The following theorem highlights the consequences of such relations on 
complexity of inference with respect to a NAT. 



Theorem 4.9 Deciding, given a NATT and a propositional formula tp, whether T \= (pis PSPACE- 

I p - 

L k+2 



complete. Ifnd(T) < kfor constant k > 0, then it is Ii^ +2 ' com P^ ete - 



Proof: The hardness part follows from Lemma 4.7 above. As for the membership part, a model 



M* of <r*(T) such that M* ty= ip (i.e., M \£ ip) can be guessed and verified in PSPACE (resp., with 
the help of a IT P +1 -oracle in polynomial time). Thus the problem is in co-NPSPACE = PSPACE 
(resp., n£ +2 ). □ 

The complexity of NAT- satisfiability is now an easy corollary to the previous results. 

Corollary 4.10 Deciding whether a given NATT is satisfiable is PSPACE-complete. Ifnd(T) < k, 
for constant k > 0, then the problem is Y^.^-complete. 

The next theorem shows that the upper bounds on model checking for NATs have matching lower 



bounds. For the general case, this is expected from Theorem 4.9: if model checking would be in 
PH, then also inference would be in PH. For the case of bounded nestings, it turns out that compared 
to £circ> trie minimization process of NATs has subtle effects on the complexity. In particular, lo- 
cal abnormality letters are a source of complexity and lift the problem, compared to similar £cmc 
instances, higher up in PH. For example, in case T is a collection of blocks Bi with nesting depth 
zero, model checking for T is S^-complete, while for a corresponding conjunction of circumscrip- 
tive atoms CIRC(y?j; Pf, ZA where each <pi is an ordinary formula (having circumscriptive nesting 
depth 1), model checking is coNP-complete. 
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Theorem 4.11 Given a NAT T and an interpretation M, deciding whether M \= T is PSPACE- 
complete. If nd{T) < k for a constant k > 0, then the problem is T,^, 2 ' com P^ ete -f\ 



Proof: By Lemma |4.8| , it remains to show the hardness part. To this end, we use an extension 
of the encoding of a QBF in Lemma 4/7, and construct in polynomial time NATs T(, . . . ,7^ and a 
model M such that M \= T r [ iff the formula in (Q) for n + 1 is true if n is odd (resp., false if n is 
even). 

Let the NATs T\, . . . , T n be similar as there, but with the following differences. Let X n+ \ = 

{x n +l,l, • • • j X n+ i i\. 

• tp = ifi V u is replaced by <//, where 
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(i/iVnV (X n A v)) A ((X n At)) -> u), if n is odd, 
(^VuV (X n A v)), if n is even. 



Here v is a new letter, which is described (i.e., floating) in T n and fixed elsewhere. 
We add in T n the formulas 



<f 9 := (X n A v) -> /\ (a&o+ij <-> -iafe' n+lj j and 

i 

J"=l 

where ^6 n+ i = {a6 n+ i,i, . . . , a^+i,;} and = {a^ +11 , . . . , a&^ +1 J are fresh dis- 

joint sets of abnormality letters. 

• We describe (i.e., let float) the letters of X n+ \ in T n . 

The resulting NATs, denoted T(, . . . , 7^, are thus as follows. If n = 1, then 7"/ = {X\, . . . , -Xn+i, 
■u, v : ip' , u <-> a&, 9J c }; otherwise, 

7}' = {Xi,... iX^uiTj^Vvj}, for all j € {2, ... , n — 1}, 

Tn = ■■■ ,X n ,X n+1 ,U,V : <Pu,n, <Pg, <Pc}, 

where ip u j = u <-> a&, if j is odd, and = u <-> -iab, if j is even. Note that nd(T^) = n — 1. 

The intuition behind these modifications is as follows. Informally, X„ A t? will be true in a 

designated candidate model M, which enforces that the value of u is true if n is odd (resp., false, if 

n is even by minimization of ab in T{). The candidate model M can only be eliminated by some 

other model which does not satisfy X n A v, and thus must satisfy tp. 

3 In the preliminary IJCAI '01 conference abstract of this paper, incorrectly n^ +1 -completeness of the problem was 
reported. This result applies to a large natural subclass of theories (which we had in mind), in particular, to theories which 
allow polynomial model completion (see this section). 
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Informally, ip g serves for guessing a truth assignment v to the letters in Ab n+ ± for extending 
the designated model M to a witness M* for M \= 7^. The assignment v is transfered by ip c to 
X n+ i when the minimality of M* is checked; for that, it is assured that any possible smaller model 
M' <Ab-,At\Ab M* of the blocks in 7^ must falsify the conjunction X n A v. 

Define M = (J"=i X { U {v, u} if n is odd and M = |J" =1 X { U {-y} if n is even. Note that 
M \= tp'. 

We claim that M \=T^ iff the QBF $ in (f|) for n + 1 is false if n is odd (resp., true, if n is even). 
Since M and 7^ are constructible in polynomial time, this will prove the result. 

We use the following lemmas: 
Lemma A. Let M* be any extension of M such that M* \= (p u ^ n and M* \= ab n+ ij <-> ~<ab' n+1 ■, 
for all j G {1, . . . , /}. Then M* |= 7^ and M* |= ab. 

Proof: Note that v and the letters in X n U X n+ \ are fixed in T{, . . . , Thus, if any model M' 
such that M' (= TJ 7 coincides with M on X n U {v}, then it follows Af |= u if n is odd (resp., 
M' \= -in, if n is even). Next, all models M' of 7^' which coincide with M on X n U {v} satisfy 
M' \= n(resp.,M' |= -nt). Continuing this argument, it follows that M'[X„U{t>}] = Mpf n U{v}] 
and M' |= 7^„ x implies that M' |= u (resp., M' \= ^u). Hence, M* \= %_ v Clearly M* \= ab 
holds. 

Lemma B. Let M' be any model such that M' \= ip u . n A ^ab and M' ^= X n A v. Then, M' |= T^_ x 
iff 3X n VX n _! • • • 3Xi^[M'[X n+ i]] is true if n is odd, and VX n 3X n _i • • • 3Xit/;[M'[X n+ i]] is 
false if n is even. 

Proof: For any such M', the problem M' \= x<& equivalent to M' |= 7^„ x (with the letters 
X n+ i fixed to their values in M'), since X n Av in T{ is false; the new abnormality letters introduced 
above are irrelevant for M' (= 7^_i. Note that M' |= -<u if n is odd (resp., M' \= u if n is even). 
Lemma 17 implies that M' |= 7^_i iff Q n X n Q n _\X n ^\ ■ ■ ■ 3Xiip[M'[X n+ i\] is true if n is odd 
(resp., false if n is even). This proves the lemma. 

We now prove the claim. 
(<=) Suppose M y= T n . Then, for each extension M* of M as in Lemma A, there exists some model 
M' <Ab-.At\Ab M * °f the blocks in 7^ such that M' \= ^ab, which implies that M' \/= X n A v. 
Hence, by Lemma B, it follows that Q n X n VX n _i • • • 3Xiip[M' [X n +i]] is true if n is odd (resp., 
false if n is even). Since the different M* induce all possible truth assignments to X n+ i, and M' 
was arbitrary, it follows that the formula Q n+ iX n+ iQ n X n ■ ■ ■ 3X±Tp is true if n is odd (resp., false 
if n is even). 



(=>) Suppose that M \= T n . Hence, by Proposition 4T there exists a witness extension M* of 
M w.r.t. T n which (Ab; At \ Ab) -minimally satisfies the blocks in T n . Thus, for each model 
M' <Ab-,At\Ab M* which coincides with M on Ab n +i U Ab' n+l and such that M' \= ->ab and 
M' y= X n Av, it follows that M' \f= By Lemma B, it follows that Q n X n ■ ■ ■ 3X 1 i/j[M'[X n+1 \) 

is false if n is odd (resp., true if n is even), and thus 3X n+ i^(Q n X n ■ ■ ■ 3Xiip[M'{X n+ i]]) is true 
if n is odd (resp., false if n is even). Rewritten to prenex form, this is means that the QBF in (|j) for 
n + 1 is false if n is odd (resp., true if n is even). □ 

We note that in the proof of the previous result, the fact that abnormality letters are local to a 
NAT block plays an important role for the complexity of model checking. The precise extension 
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of these letters is a priori unknown; an exponential search space may need to be explored to find a 
suitable extension which satisfies the propositional formulas in a block. By eliminating this source 
of complexity, model checking becomes easier. This motivates the following concept. 

Definition 4.4 We say that a block B = {C : B\, . . . , B rn } allows polynomial model completion 

if, given any model M of B, a model M* is computable in polynomial time (as a function f(M, B) 
ofM and B), such that M* is a witness extension ofM w.r.t. B ifM \= B. A NATT = B±, . . . , B n 
allows polynomial model completion, if each block Bi allows polynomial model completion. 

Note that in general, assessing whether a block allows polynomial model completion is a hard 
(intractable) problem. There are some important cases, though, where this can be ensured. Namely, 
if the abnormality letters ab are used to minimize or maximize other letters p, to which they are 
connected e.g. by equivalences ab <-> p or inequivalences ab <-> -<p, respectively (this will be 
further explored in Section |(x2|). We obtain the following result. 



Theorem 4.12 Let B = {C : B±, . . . , B m } be any block that allows polynomial model completion 
such that nd(B) < k, for constant k > 0. Then, model checking M \= B is in D£_|_ r Moreover, if 
each Bi ^ C allows polynomial model completion, then deciding M \= B is in n^ +1 . 

Proof: Given M, by hypothesis and Proposition |4.1| , we can complete it in polynomial time to a 
model M* such that M \= B iff M* is a (Ab; C)-minimal model of B u . . . , B rn . By Lemma p], 
each test M \= Bi is in Sj^r ^. Furthermore, deciding whether some model M' <.Ab,c M* exists 
such that M' \= Bi, for i = 1, . . . , m is in we can guess such an M' and for every i € 

{1, . . . , m} a polynomial-size "proof" for M' \= Bi which can be checked with the help of a 
oracle in polynomial time. Thus, deciding M \= B is reducible in polynomial time to a conjunction 
of problems in and n^ +1 . Since these problems are in D^ +1 and this class is closed under 
polynomial conjunctive reductions, it follows that deciding M \= B is in D£ +1 . If each B { £ C 
allows polynomial model completion, then by what we already showed deciding M \= Bi is in 
for every i = 1, . . . , to. Thus, deciding whether no model M' <Ab-,c M* exists such that M' \= Bi 
for all i = 1, . . . , m is in n^ +1 , which means that M \= B is reducible in polynomial time to a 
conjunction of problems in n^ +1 . Since n^ +1 is closed under polynomial conjunctive reductions, 
it follows that deciding M \= B is in n^ +1 . □ 

This membership result clearly generalizes from a single block to NATs T = B\ , . . . , B n com- 



prising multiple blocks, where each block Bi is as B in the statement of Theorem |4.12| . We remark 
that these upper bounds are actually sharp, i.e., have matching lower bounds, but omit a proof of 
this; for the case of nested polynomial model completion, a proof of n^ +1 -hardness is subsumed by 



the reduction in Theorem 4.11, if we take X n+ \ to be empty (and thus can eliminate the formulas 
if g and <p c there). 

We note that Theorem 112 also shows that the construction in the proof of Theorem 4.11 uses 
abnormality letters which are hard to complete in the right place (thus revealing the source of com- 
plexity), namely in the outermost block (and nowhere else). Indeed, moving them elsewhere would 
lead to a decrease in complexity and the reduction would fail. 
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A final observation is that in the proof of the hardness part of Theorem 4.9, the NATs Tj con- 
structed allow polynomial model completion. Thus, different from the case of model checking, this 
property does not lower the complexity of inference from NATs. 



5 Horn NATs 

In this section, we consider a restricted class of NATs, which generalizes Horn theories. Notice 
that Horn theories are an important class of theories in knowledge representation, and the applica- 
tion of the circumscription principle to Horn theories is underlying the semantics of several logic 
programming languages, as well as expressive database languages such as DATALOG Cfrc ph. 
Recall that a clause is Horn, if it contain at most one positive literal. 

Definition 5.1 We call a block {C : B±, . . . , B n } Horn, if each Bi is a Horn CNF (i.e., a conjunc- 
tion of Horn clauses) if Bi 6 C, and recursively Bi is Horn otherwise. A NATT is Horn, if each of 
its blocks is Horn. 



Example 5.1 NAT T in Example [O] is not Horn, because block B contains non-Horn formula 
b A ->ab — > /. However, if we define block B' as: 

{/ : b -> /, c -> b, c}, 

then NAT T, defined as: 

{/: /-a&, B'}, 

is indeed Horn. We can regard B' as a "simplified" theory in which a bird always flies. □ 

As for the complexity, it was shown in [§] that deciding CIRC((^; P; 0) |= ->u, where ip is a 
prepositional Horn CNF and u is an atom, is coNP-complete. As a consequence, already for Horn 
NATs T without nesting (i.e., nd(T) = 0), inference is intractable. 

We thus address the following two questions: Firstly, are there cases under which (arbitrarily 
nested) Horn NATs are tractable, and secondly, does nesting increase the complexity of Horn NATs? 
In the following subsection, we show that Horn NATs without fixed letters are tractable, and that, 
fortunately, nesting does not increase the complexity of Horn NATs. The latter result is not imme- 



diate and has some implications for rewriting NATs, as will be discussed in Section 6.1 



5.1 Horn NATs without fixed letters 

In this subsection, we consider the fragment of Horn NATs in which no fixed letters are allowed. 
That is, each letter p except the special abnormality letters must be described in any block. Note 
that in this fragment minimization of letters p is still possible, via an auxiliary atom ab p 6 Ab and 
Horn axioms p — > ab p , ab p — > p which are included in the NAT. 
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We can view Horn NATs without fixed letters as a generalization of (prepositional) logic pro- 
grams, which consist of Horn clauses a <— b\, . . . ,b n , and whose semantics is given in terms of the 
least (Herbrand) model, which amounts to parallel minimization of all letters. By the above method, 
any such logic program II can be easily transformed into a logically equivalent NAT; if P is the set 
of letters, simply construct Tjj = {P : II, p — > ab p , ab p —fp,p£ P}, where At = P U Ab and 
Ab = {abp | p G P}. However, NATs offer in addition nesting, and furthermore some of the letters 
may float to minimize the extension of other letters. 

It is well-known that model checking and inference of literals from a logic program is possible 



in polynomial time (cf. [|12|]). It turns out that this generalizes to Horn NATs without fixed letters, 
which can be regarded as a positive result. In fact, as we shall show, any such NAT can be rewritten 
efficiently to a logically equivalent Horn CNF. 

In what follows, let us call any (P; Z)-minimal model of a NAT T such that P = At \ Ab and 
Z = a minimal model of T. 

Theorem 5.1 Let T be a Horn NAT without fixed letters. Then, (i) T has the least (i.e., a unique 
minimal) model M(T), and (ii) T is equivalent to some Horn CNF <f(T). Furthermore, both f(T) 
and M(T) are computable in polynomial time. 

Proof: Let, for any Horn CNF ip and interpretation M, be ip M the Horn CNF which results from ijj 
after removing from it any clause which contains some literal (-<)abj S Ab such that M \= (-<)abj 
and removing all literals (-<)abj such that M (-<)abj from the remaining clauses. 

Let T be a single block B = {Z : B 1: . . . ,B n }, where Z = At \ Ab. Define the Horn CNF 
<p(B) recursively by 

<P(B) := A Bi ec£f°AA Bi ^(£i), 
where M = M (B) is the least model of the Horn CNF 

^( B ) : =AB i6 £^ A A Bi ^^i)- 
Furthermore, define 

M(B) := M [At \ Ab] (= M [Z]). 

Then, by induction on nd(B) > 0, we show that (i) M(B) is the least model of B, and (ii) ip(B) is 
logically equivalent to B. 

(Basis) If nd(B) = 0, then every B { is a Horn CNF, and both (p(B) = A; and if){B) = 
Ai-Bi are Horn CNFs. The block B is equivalent to 3Ab.CIRC(ip(B); Ab; Z), i.e., modulo Ab 
to CIRC(V>(-B); Ab; Z). Since ip{B) is a Horn CNF, it has the At; 0-least (i.e., a unique (At; 0)- 
minimal) model Mq. Notice that for every disjoint sets of atoms P and P' such that PUP' = At and 
any model M of ip(B), it holds that M <p-p* M. Consequently, the projection M(B) := M [Z] 
is the unique minimal model of B. Thus item (i) holds for B. Furthermore, if M* is a witness 
extension of any model M of B, then M* must coincide on Ab with M , i.e., M*[A6] = M [A6]. 
Thus, after fixing the value of each atom abj G Ab as in Mq, the formula if)(B) describes all models 
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of B. That is, <p(B) = A; Bf I(> is equivalent to B. Thus item (ii) holds for B. 

(Induction) Assume the statement holds for all B with nd(B) < m, and consider m + 1. By 
the induction hypothesis, every Bi in B is equivalent to ip{Bi). Thus, B is equivalent to the block 
B' = {Z : B[, . . . , B' n }, where B[ = B { if B t € C and B[ = <p(Bi) if B t <£ C. Since nd(B') = 
0, by the induction hypothesis B' has the least model M(B') and is equivalent to tp(B'). Since 
tp(B) = 4>{B'), we have M Q (B) = M (B') and ^(5) = <p(B'). Thus, the statement holds for B, 
which concludes the induction step. 

Let us now estimate the time needed for computing M(T) and <p(T), respectively. For this 
purpose, let for any formula a, block B, NAT T, etc denote ||a||, ||5||, ||T|| etc the representation 
size of the respective object. 

Obviously, we can compute <p(B) bottom up. For the Horn CNFs ip(B) and <p{B), we have 
||^(-B)|| < ||B|| and \\<p(B)\\ < \\B\\. Of the model M , we only need its projection M [V] 
to the set of atoms V which occur in B; all other atoms are irrelevant for computing ip(B). We 
can compute Mo [.A] from ip(B) in 0(||JB||) time; recall that the least model of a Horn CNF a is 
computable in 0(||a||) time, cf. []38|]. Furthermore, we can compute A_B;e£ fro m Md[A] in 
0(||JB||) time. Overall, it follows that for T = B, we can compute both ip(T) and its least model 
M(T) in time 0(#b(T)\\T\\), where #b(T~) is the number of (recursively occurring) blocks in T, 
thus in polynomial time. 

By Proposition |4.2| , we can replace a multiple block NAT T = B±, . . . , B n by the single block 
NAT T = {At \ Ab : B±, . . . , B n }, which is Horn and without fixed letters, and obtain analogous 
results. □ 

Using sophisticated data structures, the (relevant parts of the) models Mq{B) in the proof of 



Theorem 5.1 can be computed incrementally, where each clause in <p{B) is fired at most once. The 



data structures refine those used for computing the least model of Horn CNF (see e.g. [|38[]). Overall, 
ip(T) and M(T) are computable in 0(||T||) time. We thus have the following result: 

Theorem 5.2 (Flat Normal Form) Every Horn NATT without fixed letters can be rewritten to an 
equivalent Horn NAT {Z : ip} without fixed letters, where tp € C is a Horn CNF, in 0(||7~||) time 
(i.e., in linear time). 

Thus, nesting in Horn NATs without fixed letters does not increase the expressiveness, and can 
be efficiently eliminated. We remark that our normal form result has a pendant in query languages 
based on fixpoint logic (FPL), which is first-order predicate logic enriched with a generalized quan- 
tifier for computing the least fixpoint of an operator, defined in terms of satisfaction of a formula 



(see [27, 29] for details). It has been shown [27, E9T] that over finite structures, nested use of the 



fixpoint operator can be replaced by a single use of the fixpoint operator. Our result, however, dif- 
fers in several respects. FPL is an extension to first-order logic, while strictly speaking, NATs are 
second-order prepositional theories. Furthermore, FPL has higher expressiveness than the under- 
lying logic, which is not the case for Horn NATs without fixed letters. Finally, the complexity of 
rewriting is not a concern in [^7|, |2^] which focus on the existence of equivalent formulas without 
nestings, rather than on efficient computation. 
We note some easy corollaries of Theorem [ 
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Corollary 5.3 Deciding the satisfiability of a given Horn NAT T without fixed letters is polynomial. 



Corollary 5.4 Model checking for a given Horn NAT T without fixed letters and model M is poly- 
nomial. 

The latter result will be sharpened in the next subsection. For the inference problem, we obtain 
the following result. 

Theorem 5.5 Given a Horn NAT T without fixed letters and p G C, deciding T \= ip is coNP- 
complete. If (p is a CNF, then the problem is polynomial. 



Proof: By Corollary 5.4, the problem is clearly in coNP. The coNP-hardness part follows from 
coNP -completeness of checking the validity of a given formula <p € C (ask whether {Z : ip} \= ip, 
where ip is any tautology and Z contains all letters occurring in ip). 

Wecan reduce T |= tp to ip(T) \= ip in 0(||T||) time, where tp{T) is a Horn CNF. If ip = [\™ =1 a, 
is a CNF of clauses on, the latter can be checked in 0(m||y>(T)|| + ||Y>||) time, thus in 0(to||T|| + 
time (check ip(T) \= cti, which needs 0(||<p(T)|| + ||aj||) time, for all i G {1, . . . .m}). □ 



5.2 Horn NATs with fixed letters 

The fragment of Horn NATs where fixed letters are allowed generalizes, in a sense, the query lan- 
guage DATALOG Circ considered by Cadoli and Palopoli [10].[] In this language, circumscription 



is applied to a conjunction of non-negative Horn clauses, which describes an intensional database, 
viewing fixed predicates as "free" predicates for which any possible extension is considered, while 
the other predicates are minimized or floating, respectively. Thus, DATALOG Circ programs can be 
viewed as unnested Horn NATs. 

As we have shown in the previous section, inference from a Horn NAT without fixed letters is 
coNP-complete, while model checking is polynomial. As we now show, the presence of fixed 
letters in Horn nestings does not add complexity, i.e., reasoning stays coNP-complete and model 
checking remains polynomial. 

These results build upon the fact that model checking for a Horn circumscription ClRC(ip; P; Z), 
which may have fixed letters, can be polynomially reduced to model checking for a Horn circum- 
scription without fixed letters. Given an interpretation M, just check whether M is a model of 
CIRC (ip A <Pm,Q', P; Z U Q), where p>m,q is a conjunction of literals that fixes the values of the 
letters in Q to the value as given in M. Clearly, the formula ip A p>m,q is Horn. 

Now the same method work recursively in a nested circumscription as well; we end up with a 
Horn NAT that has no fixed letters. For such a NAT, model checking is polynomial as we have 
shown in the previous section. Overall, this means then that we have a polynomial time procedure 
for model checking in the case of Horn NATs with fixed letters. 



4 Strictly, this applies to the propositional fragment of DATALOG c " c . The datalog setting of JIo| ] is covered by the 



generalization of NATs to the first-order case discussed in Section 5.3 
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More formally, we define the transformation a(M, B), where M is any model and B is either a 
formula from £ or a block, as follows: 



a(M, B) 



ip, if B = ip £ C; 

{ZUQ:c P Q ! M,a(M,B 1 ),... ,a(M,B m )}, if B = {Z : B u . . . ,B m } 

and Q = At\(ZU Ab) is 
the set of fixed letters in B, 



where (p QtM = f\ qeQnM q A f\ qeQ \ M Furthermore, we define 

a(M, T) = J\ a(M, B) 
BeT 

for any interpretation M and NAT T. Observe that a(M,B) and a(M,T) have no fixed letters. 
The following lemma states that by the transformation a(M,T), fixed letters can be eliminated 
gracefully for the purpose of model checking. 

Lemma 5.6 For any NAT T and interpretation M, we have that M \= T if and only if M \= 
a(M, T). 

Proof: By definition of M \= T, it remains to show that the statement holds for any T which 
consists of a single block B = {Z : B\, . . . ,B m }. This is accomplished by induction on the 
nesting depth n > 0. 

(Basis) For n = 0, we have Bi = tpi G C, for all i € {1 . . . ,m}. Suppose first that M \= 



a(M, B). By Proposition 11, there is some witness extension M* of M w.r.t. a(M, B) which is 
an (Ab; Z U Q) minimal model of B\, . . . , B m and tpq : M- We claim that M* is a (Ab; Z)-minimal 
model of B\, . . . , B m . Indeed, suppose that some M' <Ab-.z M* exists such that M' \= B\, 
... , M' \= B m . Since M' \= tpQ jM must hold, it follows that M* is not a (Ab; Z U <3)-minimal 
model of B\, . . . , B m and (Pq : m- This is a contradiction. Thus, M* is a (Ab, Z)-minimal model 
of B 1 , . . . , B m . Hence, M \= B. 

Conversely, assume that M \= B. Then, some witness extension M* of M w.r.t. B is a (Ab; Z)- 
minimal model of B\, . . . , B m . By the definition, M* \= (Pm,q- Thus, M* \= tp where = 
<Pm,q A B\ A ■ ■ ■ A B m . We claim that M * is a (Ab; Z U Q)-minimal model of tp. Towards a 
contradiction, assume that some M' ^Ab,zuQ M* exists such that M' \= ip. Then, we must have 
M*[Q] = M'[Q]. Thus, M' is a model of B x , . . . , B m such that M' < Ab . z M*. This means that 
M y= B, which raises a contradiction. Therefore M* is an (Ab; Z U Q)-minimal model of <Pm,q, 
B\, . . . , B m . Consequently, M \= a(M, B). This proves the claim and concludes the case n = 0. 

(Induction) Suppose the statement holds for n > 0, and consider the case n + 1. Let B = {Z : 
B 1 ,... , B m }. Then, a(M, B) = {Z U Q : tp M ,Q, a(M, B ± ), ... , a(M, B m )}. By the induction 
hypothesis, we have that M \= Bi iff M \= a(M,Bi), for all i £ {1, . . . ,m}. Using similar 
arguments as in the case n = 0, we can see that M \= B holds precisely if M \= a(M, B) holds. □ 



By combining Lemma p.6| and Corollary |5.4| , we thus obtain that model checking for Horn NATs 



is polynomial. A careful analysis of the required computation effort reveals the following result. 
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Theorem 5.7 Model checking for Horn NATs, i.e., deciding whether M \= T for a given interpre- 
tation M and a Horn NATT, is possible in 0(\\T\\) time, i.e., in linear time in the input size. 



Proof: A simple, yet not immediately linear time method is to check that M \= B for each block 
B = {Z : Bi, . . . , B m } from T by exploiting Lemma [5l] as follows: 



1. recursively check that M \= Bi, for each Bi £ C; 

2. compute the least model M' Q of the Horn CNF ip'(B) = <pq,m A A_B;e£ ^i', 

3. check whether M is a model of tjj 1 (B)[Mq[A1)]}. 

Note that this method is related to constructing the Horn CNFs ip(B) and tp(B) for a Horn block B 



without fixed letters in the proof of Theorem 5A . Step 2 can be done in time O (max( \At\ , (B) || )) 
and Step 3 in time 0(||^/(.B)||). These upper bounds, however, may be reached and exceed 
0(||{Z : B^, . . . ,Bi t }\\), where the B^ are those blocks in B which are not from C. If this 
happens recursively, the total time of the method fails tobeO(||B||))as desired. 

In Step 2, we can replace \j)'{B) by ip"(B) = f\ B . eC Bi[M[Q]] and compute the least model 
Mq of ijj"{B) on the letters occurring in it; this is feasible in 0(X).B-ec ll-^ll) ti me - I n Step 3 
then, we can replace f \B){M^[Ab}} by ip" (B)[M^ [Ab]\; checking whether M \= ip" (B)[M^ [Ab]\ 
is feasible in 0(^ B . g £ \\Bi\\) time. Thus, the revised Steps 2 and 3 can be done in 0(||{Z : 
Bi x , ... , -BjjIH) time. This implies that checking M \= B is feasible in 0(||_B||) time, from which 
the result follows. □ 



Furthermore, we obtain from Lemma qj, Corollary and the intractability result for Horn 
circumscription in [Q] the following result: 

Theorem 5.8 Deciding, given a Horn NAT T and a propositional formula <p, whether T \= <p is 
coNP -complete. Hardness holds even ifT has nesting depth 0, and (p is a negative literal ->u. 

This means that nesting is not a source of complexity for model checking and inference from 
Horn NATs, which can be viewed as positive result. 



6 Further Issues 

In this section, we consider possible extensions of the results in the previous sections to other rep- 
resentation scenarios. We first address the class of £ciRC formulas and of NATs which do not have 
fixed letters; as we have seen in the previous section, the presence of fixed letters did not matter for 
the complexity of Horn NATs. We then turn to a linguistic extension of NATs which has explicit 
maximization and minimization of letters as primitives. While this extension does not increase the 
expressiveness of NATs in general, it has some effects on restricted NAT classes, and in particular 
on Horn NATs. Finally, we briefly address the generalization of £cmc an d NATs to the predicate 
logic setting. 
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6.1 £cmc formulas and NATs without fixed letters 



In Sections 3. 1 and 1.2, we have considered £circ formulas and NATs in a general setting which al- 
lows for fixed letters in circumscriptions, and we have seen in the previous section that the presence 
of fixed letters does not matter for the complexity of Horn NATs. 

As shown below, fixed letters can be removed from Cqirc an d NAT theories, respectively, by 
simple techniques. By exploiting them, the hardness results of Sections 3T and A2 can be sharpened 
to theories without fixed letters. 



6.1.1 Eliminating fixed letters from a £circ formula 



De Kleer and Konolige have shown [ |15| ] a simple technique for removing the fixed letters from an 
ordinary circumscription. The same technique can be applied for formulas from £circ as well. 
More precisely, let ip = CIRC^; P] Z) be a circumscriptive atom. Then, 

1. For each letter q £ P U Z, introduce a fresh letter q', and add both q, q' to P; 

2. add a conjunct q <-» ->q' to i/j. 

Let ip' = CIRC P'; Z) be the resulting circumscriptive atom. Then, the following holds. 

Proposition 6.1 Modulo the set of all auxiliary letters q', the formulas <p and p' are logically equiv- 
alent. 

Using this equivalence, we can eliminate all fixed letters from a formula a € £circ> by replacing 
each circumscriptive atom ip in a with <p>' , where the fresh atoms q' are made minimized inside ip' 
and outside <p. Note that the resulting formula a' has size polynomial in the size of a. 



6.1.2 Eliminating fixed letters from a NAT 

Every fixed letter q can be removed from a NAT T similarly as from a formula ip 6 £circ- How- 
ever, we must take into account that a fixed letter q may not be simply declared as a minimized letter 
in the rewriting, since there is the special set Ab of minimized letter which has restricted uses. We 
surpass this as follows: 

1. Introduce, for each fixed letter q, two special abnormality letters ab q and ab' q in Ab; 

2. add the formula (q <-> ab q ) A (ab q <-> -<ab' ) as a new block in each block B occurring in T 
where q is fixed; 

3. declare q as described (i.e., floating) in each block occurring in T. 

Let T be the resulting NAT (which has an extended set of abnormality letters, Ab U Ab'). Then, 
we have: 

Proposition 6.2 Modulo the set Ab' of auxiliary letters, the NATs T and T are logically equivalent, 
i.e., have the same sets of models. 



25 



Note that the rewriting adds 0(|,A£[) symbols in each block, and is feasible in 0(|-Ai| -#fe(T)) 
time, where #b(T) is the number of (recursively occurring) blocks in T. Furthermore, observe that 
the method uses non-Horn clauses. This is not accidently; from the tractability result for inference 



of a CNF from a Horn NAT without fixed letters (Theorem 5.5) and the intractability of inference 
of a literal from a Horn circumscription we can infer that there is no simple polynomial-time 
rewriting method which uses only Horn clauses, unless P = NP. This is also possible if we allow 
T to be any Horn NAT without fixed letters (not necessarily equivalent) and the query to be replaced 
by any CNF <//, such that T |= ip is equivalent to T \= ip' for the query ip at hand. 

6.2 Maximizing and minimizing predicates 



In his seminal paper [35], Lifschitz discussed two explicit constructs minp and maxp for defining 
a minimal and a maximal extension of a letter p in a NAT, respectively. These constructs are easily 
implemented by using designated abnormality letters. 

Definition 6.1 An extended block is any expression 

{C;mmC~;maxC + :B 1 ,...,B m }, (5) 

where C, C~ , and C + are disjoint sets of atoms from At \ Ab; if empty, the respective component 
is omitted. Intuitively, the letters in C are defined as usual while for those in C~ (resp., C + ), a 
minimal (resp., maximal) extension is preferred. An extended NAT is a collection T = B\, . . . , B n 
of extended blocks. 



Example 6.1 Let us consider model-based diagnosis at a superficial level. In Reiter's approach 
[12], a diagnosis problem consists of a system description SD, a set of observations OBS (which 
are facts), and a set of components COMP = {c±, ... , c m } in the system. SD is a set of axioms 
which describe the structure and the functioning of the system, using designated atoms oki which 
informally expresses that component Cj works properly. A diagnosis is a minimal set A C C such 
that SD U {OBS} U {-<oki \ a G A} U {okj \ cj G COMP \ A} is satisfiable. That is, A assumes 
as little malfunctionings as needed to explain the observations (equivalently, as many components 
as possible are assumed to work properly). 

Assuming a modular system design, each component c, may be represented as a block Bi = 
{oki, V{ : . . . }, where inputs are passed to Bi via variables that are fixed, and outputs from q are 
modeled by variables Vi which are described, together with a variable oki which indicates whether 
Bi works properly. The components may be linked by some axioms ipx, ... , ip n , such that B = 
{V; maxofcx) • • • , ok m : ipi, . . . , ip n , B\, ... , B rn } represents the system. Then, the models of 
T = B,{ : OBS } correspond to the diagnoses of the system. If a block Bi is hierarchically 
composed, further nesting of blocks may be used in the modeling. 

As an example, consider the following very simplified model of a Web server for electronic com- 
merce, composed of two modules: 
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1. an application server, with features for the client interface and the interaction with the database 
system, 

2. a database system storing data on customers, orders, etc. with a query that must be executed 
on it for each interaction with the client. 

The modules can be, respectively, modeled by means of the following blocks: 

1. B\ = {ok±, V\ : ciAdbAoki — > V±}, where ci and db mean, respectively, that the interaction 
with the client and the database system have been performed; 

2. B 2 = {ok2, V 2 : V\ A q A ok 2 — * V 2 , V\ A ->q — > -<ok 2 }, where q means that the query has 
been executed. 

Description of the entire system can be made by means of the following block: 

B = {V, V u V 2 ; maxofo, ok 2 : Vy A V 2 -+ V, B u B 2 }, 

where V is a new symbol. The above description can be used, for example, during the test phase 
of the Web server, in which interaction with one client is simulated. During such a phase, an 
administrator checks whether the query and the interactions between modules have been performed. 
Now, assume that the administrator determines that interactions with the client and the database 
system have been performed, but the query has not been executed, i.e., the set of his observations is 
OBS = {d, db, -<q}. It is easy to determine that the diagnoses of the system correspond to either 
{->oki}, or {^ok 2 }, i.e., one subsystem is malfunctioning, but not both. □ 



Other examples for the use of maximization can be found in [p5[]. 

Formally, the semantics of an extended block B as in (|5|) can be defined by a transformation (-)° 
to the ordinary block 

B° = {C U C~ U C + : Vc - 1 <p c+ ,B 1 ,... ,B m }, (6) 

where tpc- = A P £C-(P ~~ * a M and (pc+ = A p gc+(~" 2 ^p ~~ > P)> an( ^ eacn ^ s an abnormality 
letter not used in any Bi which is a formula from C. For any extended NAT T = B\, . . . ,B n ,we 
then define T° = B°, . . . , B°. 

Thus, the constructs min and max do not increase the expressiveness of NATs in general. How- 
ever, we have a different picture in restricted cases. In particular, maximization of letters increases 
the expressiveness of Horn NATs. As follows from the next theorem, extended Horn NATs climb 
the levels of PH closely behind general NATs as the nesting depth increases (at one level distance for 
inference and satisfiability, and at two levels for model checking), and they are PSPACE-complete 
for unbounded nesting depth. Note that maximization in Horn NATs is useful. In the diagnosis ap- 



plication of Example 5.1, the axioms describing the system might be Horn; for example, the clauses 
in\ A in 2 A ok g — ► out, out A ok g — > in\, and out A ok g — » in 2 may describe a logical and-gate g 
whose output is true, if working properly, exactly if both inputs are true. Note that in the particular 
diagnostic Web-Server scenario, all formulas in T are Horn clauses except V\ A ->q — > -<ok 2 , which 
can be easily rewritten to a Horn clause. 
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We need some auxiliary results, which are of interest in their own right. In what follows, we 
denote for any block B by SBl(B) the set containing B and all blocks B' that recursively occur in 
B, and for any NAT T = B\, . . . ,B n , we define SBl(T) = \J? =1 SBl(Bi). 

Proposition 6.3 Let B be any block such that for every B' G SBl(B), (i) B' allows polynomial 
model completion, and (ii) model checking M \= B' is polynomial if nd(B') = 0. Then model 
checking M \= B is in U^. 



Proof: The proof is similar to the proof of the n^ +1 -membership part in Theorem 4. 12 for the case 
of polynomial model completion, but exploits that in the base case (nd(B) = 0), model checking is 
polynomial rather than in coNP = . □ 

Proposition 6.4 Let T be any extended Horn NAT. Then, every block B G SBl(T) allows polyno- 
mial model completion. 

Proof: Let B = {C; minC - ; maxC + : B\, . . . , B rn }. Without loss of generality, we assume 
that C~ is empty, i.e., the min-part is missing: since the formula tp c - is Horn, we may add it 
in B while keeping the Horn property and move C~ to the ordinary defined letters C. Suppose 
that Bi, . . . , Bi (Z < m) are all blocks Bj that are formulas (i.e., Bj G C), and let ip be their 
conjunction. Let M be the model to be completed. Define 

ip' = ip A f\ p A /\ ab p A A -ip A A ~^ab p . 
pe(At\Ab)nM peC+nM peAt\(AbuM) p gc*+\m 

Note that ip' is Horn, and thus, if satisfiable, it has the unique least model M' , which obviously 
coincides with M on the atoms in (At \ Ab) U {ab p \ p € C + } and is computable in polynomial 
time. 

Consider the transformed block B° = {C U C + : ip c +,Bi, ... , B m }. We claim that M \= B if 
and only if M' is a (Ab] C U C + )-minimal model of ip c+ , B\, . . . , B rn . By Proposition |4.1[ , the 
if-direction is immediate. For the only-if direction, suppose that M \= B. Then, by Proposition fO| , 
there exists a witness extension M* of M which is a (Ab; C U C + )-minimal model of ipc+, B\, 
. . . , B m . Since M and M' coincide on At \ Ab and each atom ab p , p G C + occurs only in tpc+, 
the minimality of M* implies that M* and M' coincide on (At \ Ab) U {ab p \ p G C + } and thus 
M* |= ip'. Since M' is the least model of ip 1 , it follows M' <Ab-,cuc+ M*. By construction, 
M' \= ip c +, and M* \= B { implies that M' |= B { , for each block Bj where j G {1 + 1,... , m}. 
Thus, from the minimality of M*, we conclude that M' = M* . This proves the claim. □ 

Theorem 6.5 For extended Horn theories T, ( i) model checking M \= T, ( ii) inference T \= ip, 
and (Hi) deciding satisfiability are PSPACE-complete. Furthermore, (i) is polynomial if k = 
and -complete if k > 1, (ii) is H^ +1 -complete, and (Hi) is T,^ +1 -complete, ifnd(T) < k for a 
constant k > 0. 



Proof: For the membership parts, by Theorems [4.9[ , [4.1 1| and Corollary 4.1C| , it remains to show 



the statement for bounded nesting depth. From Propositions pA\ and p3, this is easily seen to 
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hold, provided that model checking M \= B for any extended Horn block B = {C; maxC + : 
B\, . . . , B m } such that nd(B) = is polynomial. 
To prove the latter, let M' be the least model of the Horn CNF tp 1 constructed from B in the 



proof of Proposition SA. As shown there, M \= B iff M' is a (Ab; C U C + )-minimal model of 
<Pc+, B\, . . . , B m . We can check M' \= <p c + and M' \= Bi for all Bi easily in polynomial time. 
Furthermore, we can check (Ab; CuC + )-minimality of M' by testing whether each of the following 
Horn CNFs ip e is unsatisfiable. Let F + = Mn(At\(AbUC)) and F~ = At\(MuCuC + U{ab p \ 
p G C+}). For each literal t G (C + \ M) U {^ab \ ab G M n (A6 \ {a6 p | p G C + })}, define 

m 

^ £ = £A f\ pA /\npA 

pdF+ p€F- i=l 

that is, we fix the "interesting" letters which are not defined in S to their values in M', fix each letter 
from C + which is true in M 1 , and fix each "regular" abnormality letter (not introduced for a letter 
in C + ) which is false in M'\ furthermore, I serves to increase one letter in C + (resp. decrease one 
regular abnormality letter) compared to M' . Thus, no model M" exists such that M" <m-CuC+ M' 
iff each tp£ is unsatisfiable, which can be checked in polynomial time. In summary, testing whether 
M' is an (Ab; C U C + )-minimal model of tp c + ,B\,... , B m , and thus whether M \= B, is possible 
in polynomial time. This concludes the proof of the membership parts. 

The hardness proofs for (i) and (ii) are obtained by slight modifications of the reductions in the 
proofs of Theorems ft. 11 and 4.9 (i.e., Lemma 4.7). The hardness proof for (hi) follows from the 



hardness proof of (i), since the formula ip in the reduction is a single literal and T (= <p iff the NAT 
T, { : -199} is unsatisfiable. 



For (ii), the modifications to the NATs T\, . . . ,T n in the proof of Theorem 4.9 are as follows: 



1. Drop in each Tik+\ (resp., 7^) the formula u <-> ab, (resp., u <-> ->ab), and declare u 
minimized (resp., maximized). 

2. Introduce for each letter p G At \ (Ab U {u}) (=: A) a fresh letter p'; intuitively, p' serves for 
emulating the negation of p. This is accomplished by adding in T\ an extended Horn block 
B^. = I max A, A' : /\ p€ a(^P V ~'P / )}- Informally, the parallel maximization of p and p' 
generates two models; one has p true and p' false, and the other has vice versa p' true and p 
false. In this way, p' is defined as the complement of the p. 

3. We replace in T\ the formula (p = if) V u by the Horn CNF tp' = f\ ■ - =1 (7^ V u) , where w.l.o.g. 
tp = Aj=i lj i s conjunction of clauses and 7^ results from jj by replacing each positive 
literal x by the negative primed literal -ix'. 

4. We let p' be described in the same NATs T- where p is described, for each p G A. 
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The resulting NATs, denoted T\, . . . , T n , are thus as follows: 
fi = {Xi,X[; minu : tp, B^}, 

f 2k = {X X ,X[,... , X 2k , X' 2k , max u:f 2k ^}, for all 2k G {2, . . . , re}, 
T 2k+ i = {Xi,X[,... ,X 2k+1 ,X 2k+1 ; minit : f 2k }, for all 2k + 1 G {3, . . . , n}. 

Observe that nd{T n ) = re. It is easily seen that modulo the new letters, Tj and Tj have the same 
models, for j = {!,... , re}. Thus, the hardness result for (ii) follows. 



For (ii), the modifications to the NATs T{, . . . , T' in the proof of Theorem 4.11 are similar to 
those in (i), but with the following differences: 

• We perform the reduction with empty X n+ \, i.e., we suppress the leading quantifier Q n X n+ i ; 
the formulas p g and <p c are removed from T' n (they are tautologies). 

• In step 3, instead of ip = ifi V u we replace in T{ the formula ip V u V {X n A v) by the Horn 

CNF (p> = A} =1 /W„um(75 V V u). 

The resulting NATs, denoted Tj, are for odd n > 1 thus as follows (for even re, they are analogous): 



f{ 


= {X\ , X[ ; 


minw : ip' , (X n At))-m, B^}, 






t' 


= {X\ , x[ , 


■ ■ ■ ,X 2k ,X' 2k ; maxn : T^}, 


for all 2k e {2,... , n 




f' 

1 2k+l 


= {X\ , x[ , 


. . . ,X 2k+ x,X 2k+1 ; minu : T 2k }, 


for all 2k + 1 G {3, . . . 


,n - 


r 


= {X\ , x[ , 


■ ■ ■ ,X n ,X' n ,v,v'; minu : f^}. 







Notice that nd(T^) = re. Modulo the new letters, Tj and 7~f have the same models, for j € 
{1 . . . , re}. Thus, the hardness result for (i) follows. □ 

Note that model checking for extended Horn NATs resides in PH two levels below arbitrary NATs 
of the same nesting depth. The proof reveals that this can be ascribed to the benign properties that 
both model completion and polynomial-time model checking for an extended Horn circumscription 
(where maximization of letters besides minimization is allowed) are polynomial. Each of these 
tasks is a source of complexity, i.e., intractable for arbitrary NATs. In particular, for a collection 
of unnested extended Horn blocks, model checking is polynomial and inference is coNP-complete, 
which means that the latter can be polynomially transformed to a SAT solver. Likewise, for nesting 
depth 1, inference is n^-complete, and thus polynomially reducible to inference from an ordinary 
(non-Horn) circumscription, as well as to engines for knowledge representation and reasoning which 
are capable of solving IT^-complete problems, such as DLV [17, [22| ]. 

We finally remark that using maximization, fixed letters can be easily eliminated from extended 
Horn NATs similarly as from general NATs. (Namely, introduce in each block B for every fixed 
letter q a fresh letter qs, and add the clause -<q V -iqg in B and declare qs and q maximized; in all 
other blocks, let both q and qs float.) Thus, the complexity results for extended Horn NATs from 
above can be strengthened to theories without fixed letters. 
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6.3 First-order case 



In this paper, we have considered so far nested circumscription and NATs in a propositional lan- 
guage. There is no difficulty in extending the language £circ to the case of first-order predicate 



logic, along the definition of second-order parallel circumscription of predicates [33, 34]; the for 



mulation of NATs in [ ]35[ ] is actually for predicate logic. 



As shown by Schlipf Q45|], and further elaborated on in [|8j], circumscription is capable of express- 
ing problems at the H\ and IT^ level of the prenex hierarchy of second-order logic, and thus highly 
expressive far beyond the computable. Thus, also nested circumscription and NATs are highly unde- 
cidable in the general first-order setting. However, decidable fragments can be obtained by imposing 
suitable restrictions. 

An important such fragment is given if the theories include a domain closure axiom 

(DCA) \/x.(x = a Vi = c 2 V • • • Vi = Cn), (7) 

where c\ , . . . , c n are the (finitely many) constant symbols available, and the unique names axioms 

(UNA) a / cj, for all i G {1, . . . , n} and j G {i + 1, . . . , n}. (8) 

Such a setting is quite popular in KR and, in the absence of function symbols, in deductive databases, 
where it is also known as the "datalog" setting. It is essentially propositional, where in the datalog 
setting models correspond to Herbrand models over the given alphabet. The setting allows for 
a more compact representation, which on the other hand may lead to an exponential complexity 
increase. This is reflected in the complexity of £circ an d NATs in this setting. 

Theorem 6.6 Inference and satisfiability of a first-order £circ formula (resp., NATT) under DCA 
and UNA is EXPSPACE-complete. 

The upper bounds are straightforward by reducing a £circ formula (resp., NAT) to its equivalent 
ground instance, which is propositional and constructible in exponential time; functions f(x\, . . . , 
x n ) can be eliminated, as well-known, with polynomial overhead by introducing fresh predicates 
F(xi, . . . , x n , y) and axioms \/x\ ■ ■ ■ x n \3y.F(xi, . . . , x n , y) such that XyF(x\, . . . , x n , y) amounts 
to Xy(y = f(xi, . . . , x n )). The lower bounds for these results are obtained by a straightforward 



generalization of the QBF encoding in Lemma ^7| to encodings of sentences Q n PnQn-iPn-i 



VP23Piip of second-order logic, where each Pj is a list of predicate variables of given arities and ip 
is function-free first-order. For bounded nesting depth, the complexities parallel the respective lev- 
els of PH at its exponential analogue, the Weak EXP Hierarchy (EXP, NEXP, NEXP NP , NEXP S ^, 
. . . ). For example, inference tp \= ip of £circ sentences cp and ip is co-NEXP * -complete, if the 
nesting depth of p and tp is bounded by a constant k > 0. 

For model checking, things are slightly different. Under a common bitmap representation, in 
which M \= a for any ground atom a is represented by a designated bit, the complexity of model 
checking in £circ does not increase, since the (exponential) size of the explicitly given model M 
compensates the succinctness of implicit representation. 
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Theorem 6.7 Model checking for first-order £circ under DC A and UNA is PSPACE-complete. 

Notice, however, that the problem is PSPACE-hard already for sentences of CIRC-nesting depth 
0, i.e., for ordinary first-order sentences, since model checking for a given first-order sentence is 
PSPACE-hard. As easily seen, model checking for first-order NATs is also PSPACE-complete, if 
the arities of abnormality predicates used do not exceed the arities of the other predicates and the 
functions by a constant factor, which is expected to be the case in practice. Similar as for £circ> 
the problem is PSPACE-hard already for NATs of nesting depth 0. However, in the general case, 
the complexity can be seen to increase beyond NEXP; we leave a detailed investigation of this for 
further work. 



7 Comparison to Other Generalizations of Circumscription 

In this section, we briefly compare nested circumscription to some other generalizations of circum- 



scription from the literature, namely prioritized circumscription Q33| , |34[ ] and theory curbing Q20|]. 
Although there are several other generalizations, cf. []34j], the ones considered here are of particular 
interest since the former has close semantic relationships to nested circumscription, while the latter 
is similar in terms of the complexity. 

7.1 Prioritized Circumscription 

Prioritized circumscription [ j33"| generalizes circumscription CIRC (ip; P; Z) by partitioning the 
letters P into priority levels P\ >Pi > ■ ■ ■ > P n ; informally it prunes all models of 92 which are 
not minimal on Pj, while Z U Pi+\ U • ■ • U P n floats and Pi U • • • U Pj_i is fixed, for i = 1, . . . , n 



(cf. [|34|]). This can be readily expressed as the nested circumscription ip n , where 



if>! = CIRC(v9;Pi;ZUP 2 U---UP n ), 

V>; = CIRC(Vi_i;P;ZUP i+1 U---UP n ), i = 2,...,n. 

Thus, prioritized circumscription is semantically subsumed by £cmc- Compared to ordinary cir- 
cumscription, the complexity does not increase, as inference and model checking remain Ilf- 
complete and coNP-complete, respectively. 

Intuitively, the reason is that prioritization allows only for a restricted change of the role of the 
same letter in iterations (from floating to minimized and from minimized to fixed), which forbids to 
reconsider the value of minimized letters at a later stage of minimization. This enables a characteri- 
zation of the models of a prioritized circumscription as the minimal models of a preference relation 
<Pi,...,p n ;Z on the models, where M <p lr .. 1 p n - I z M' holds if and only if M and M' coincide on 
the fixed letters and either M and M' coincide on all Pi, or M is smaller than M' on the first Pj 
on which M and M' are different. This preference relation is polynomial-time computable. On the 
other hand, £circ formulas (and similarly NATs) permit that minimized letters are reconsidered at 
a later stage, by making them floating. This prevents a simple, hierarchical preference relation as 
the one for prioritized circumscription. 
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7.2 Theory Curbing 



Theory curbing is yet another extension of circumscription [20, 19]. Rather than the (hierarchical) 
use of circumscription applied to blocks, curbing aims at softening minimization, and allows for 
inclusive interpretation of disjunction where ordinary circumscription returns exclusive disjunction. 
Semantically, CURB (tp; P; Z) for a formula ip 6 C is the smallest set M. C mod(ip) which contains 
all models of CIRC(<^; P; Z) and is closed under minimal upper bounds in mod{ip). A minimal 
upper bound (mub) of a set M! of models in mod(tp) is a model M £ mod(<p) such that (1) 
M' <p-z M, for every M' G M.', and (2) there exists no N £ mod(tp) satisfying item 1 such that 
N < P . Z M'. 

Example 7.1 Suppose Alice is in a room with a painting, which she hangs on the wall p if he 
has a hammer (h) and a nail (n). It is known that Alice has a hammer or a nail or both. This 
scenario is represented by the formula <p in Figure [l[ The models of ip are marked with bullets; the 
desired models are {h}, {n}, and {h, n,p}, which are encircled. Circumscribing cp by minimizing 
all letters, i.e., ClRC(ip; {h, n,p}; 0) yields the two minimal models {h} and {n} (see Figure [I]). 
Since p is false in the minimal models, circumscription tells us that Alice does not hang the painting 




= (h Vn) A ((hAn) -> p) 



Figure 1 : The hammer-nail-painting example 

up. One might argue that p should not be minimized but fixed under circumscription. However, 
starting with the model of (p where h, n and p are all true and then circumscribing with respect to 
h and n while keeping p true, we obtain the smaller models {h,p} and {n,p}, which are not very 
intuitive. The remaining possibility is to let p float. However, this does not work either, since the 
circumscription CIRC(^; h, n;p) = {{h «-> -in) A -<p) is equivalent to CIRC(y>; h, n,p; 0) On the 
other hand, the model {h, n,p}, which corresponds to the inclusive interpretation of the disjunction 
h V n, seems plausible. Under curbing, we obtain the desired models from CURB^; h, n;p). □ 

Like for £ciRC an d NATs, inference and model checking for CURB(i^; P; Z) are PSPACE- 
complete [|^] in the prepositional context, and can be shown to have likewise exponentially higher 
complexity in the datalog setting (i.e., in a function-free language under DCA and UNA, cf. Sec- 
tion |Q| ). 

However, while the complexity is the same, curbing and NATs have different expressiveness, if we 
consider these formalisms as query languages for uniformly expressing properties over collections 
of ground facts, such as 3-colorability of graphs which are described by their edge relations. It turns 
out that curbing can express some properties which £circ an d NATs (most likely) can not express. 
For example, we can write a (fixed) interpreter Tj in this language for curbing varying prepositional 
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3CNF formulas ip, input as ground facts F{ip), such that the curb models of Tj U F(tp) and of ip 
are in 1-1 correspondence. Notice that curbing such 3CNFs ip is PSPACE-complete, and thus, by 
well-known results in complexity, this is not expressible by any fixed £circ formula or NAT (unless 
PH=PSPACE). 

We elaborate on this interpreter for propositional curbing in more detail. The constants represent 
the propositional atoms, and the clauses of ip are stored using 3-ary predicates Rq, i?2, and 
i?3, where Ri{x\, x%, X3) intuitively represents the clause V}=i x j v Vf=i+i ~^ x j- E-§-> ^2(0, c, b) 
represents the clause a V c V ->b. Unary predicates pvar and zvar are used for designating the atoms 
in P and Z, respectively. 

The theory Tj is as follows: 

Vsc, y, z. R (x, y, z) -> -t(x) V ^t(y) V 
Vx, y, z. Ri(x, y, z) -> t(x) V -.%) V -^t(z), 
Vx,y,z.R 2 (x,y,z) -> V V^i(», 
Vx,y,z.R 3 (x,y,z) -* t(x)V t(y) V 

Vx. <-> (pvar(x) A t(x)), 

Vx. <-> (^pvar(x) A -iZTOr(x) A 

Intuitively, t(x) means that x has value true. Here, the predicate p is minimized, while q is fixed 
and t is floating. 
The set of facts F(tp) contains 

1. for each clause (->)a V (-1)6 V (-i)c from y> the respective atom Ri(a, b, c); 

2. for eachp G P (resp., z € the atom pvar(p) (resp., £uar(z)); 

3. the negations of all other ground atoms (i.e., F(ip) is the CWA given the atoms in 1 and 2). 



Example 7.2 Reconsider CURB(y>; h, n;p) for the formula ip = (h V n) A (-1/1 V -in V ») (rewritten 
as a CNF) from Example |7.1| , Then, the constants are h,n,p. The positive facts in F(cp) are 
Rs(h, n, n) and /i, n) encoding the first and the second clause of ip, respectively (where we 
add a redundant disjunct n in the first clause), and pvar(h), pvar(n), and zvar(p). 

Note that Tj U F(tp) logically implies t(h) V t(n), t(p) V -i*(/t) V ^p{p), p{h) <-> t(7t), 

p(n) <-> i(n), -<q(h), ->q{n), and -<q(p). Thus, Herbrand models of Tj U -F((^) may differ only on 
the atoms t(n), t(p), p{h), and p(n). The feasible assignments of these atoms correspond to 
the models of ip. If M is a model of ip, then by assigning true to the atoms t(a) where a 6 M and 
p(a) where a £ Mfl {h, n}, we obtain a feasible such truth assignment. On the other hand, if M 
is a Herbrand model of CURBT/ U F((p);p; t), then {a \ t(a) € M} is a model of 99. Overall, the 
Herbrand models of Tj U F(tp) coiTespond 1-1 to the models of tp. □ 

The following proposition, whose proof is omitted, states that the interpreter works similarly in 
the general case. 
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Proposition 7.1 Under DCA and UNA, the models o/CURB(Tr U F(ip);p; t) and CURB(v2; P; Z) 
are in 1-1 correspondence. 

From results in Jl9|], we easily obtain that evaluating any given QBF $ (which is PSPACE- 
complete) is polynomially reducible to deciding CURB (tp, P; Z) \= ->a, where ip € C is in 3CNF 
and a is an atom. Thus, CURB(Tj U F(<p));p;t) \= ->t(a) expresses evaluating the QBF $ given 
by F(<p). 

On the other hand, unless PH = PSPACE, a "datalog" £ C mc formula resp. NAT similar to Tj 
does not exist: due to fixed nesting depth, it can only express a problem in PH. 

Further relationships between £circ resp. NATs and curbing, as well as other expressive knowl- 
edge representation formalisms (e.g., [Q, [H], pi]]), remain to be explored. 



8 Conclusion 



In this paper, we have studied the computational complexity of the logical language £circ, which 
is a prepositional language that allows the nested use of circumscription, and of the prepositional 
fragment of nested abnormality theories (NATs) that were proposed by Lifschitz [ f35[ ] as an ele- 
gant circumscriptive framework for modularized knowledge representation. As we have shown, 
NATs can be regarded as a semantic fragment of Cqirc- As it turned out, NATs and thus £circ 
are capable of expressing more difficult (in terms of complexity) problems than ordinary unnested 
circumscription, and can represent PSPACE-complete problems. Furthermore, we have identified 
fragments of NATs which have lower complexity, where we focused on generalizations of Horn 
CNFs, such as Horn logic programs and the DATALOG Circ query language [flO|]. In particular, we 
have provided an efficiently computable normal form for nested logic programs. Finally, we have 
compared nested circumscription to other generalizations of circumscription. 

Our results give a clear picture of the complexity situation, and reveal nesting and the use of local 
variables in NATs as sources of complexity. This gives useful insight into the complexity of £circ 
formulas and NATs, which is useful for understanding their computational nature and requirements. 
For example, it can be fruitfully exploited in considerations on eliminating nestings, or on changes 
to the set of defined letters in a NAT. To give a concrete example, suppose we have an extended 
Horn NAT T which has nesting depth one. Then, by Theorem ^)3|, inference of a formula ip from T 
is n^-complete in general, and thus can be polynomially transformed to a standard circumscriptive 
theorem prover. If, moreover, the blocks inside T have no fixed letters and do not use max, then 
by Theorem 5T we can efficiently eliminate nesting from T, and transform inference T \= (p via a 
standard Horn circumscription to a SAT solver in polynomial time. 

While we have addressed and resolved the main issues concerning the complexity of nested cir- 
cumscription in a prepositional setting in this paper, several issues remain for future work: 



• On the complexity side, our study may be extended to cover further fragments of NATs and 
£circ besides the ones considered in this paper. Besides Horn theories, other syntactic fragments 
were e.g. considered in [g], which provides a good starting point for such a programme. Fur- 
thermore, a detailed study of the complexity of nested circumscription in the first-order case and 
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restricted fragments (monadic theories, etc) would be interesting. 

• Complementing the results on reasoning complexity, Cadoli et al. [Q, ^], Gogic et al. [26], 



Selman and Kautz [|46|], Darwiche and Marquis [|14[ |13J] and others have studied representability 
issues among KR formalisms, considering problems like representing theories in one KR formal- 
ism with polynomial resources in another target formalism, such that the set of models or certain 
inference relations are preserved. In particular, "knowledge compilation," whose idea is that off- 
line preprocessing with high computational resources might help to speed up on-line reasoning, and 
make sometimes intractable problems tractable, has been attracting attention during the last years 
(see [Q] for an initial survey). A study of representation and compilability aspects of £ciRC and 
NATs, and a comparison to other KR formalisms remains as an interesting issue. In particular, it 
would be interesting to determine under which circumstances NATs can be compiled in other NATs 
with lower nesting. 

• An important instance of the issue in the previous paragraph is when a NAT can be efficiently 
replaced by an equivalent standard or prioritized circumscription, or even by an ordinary proposi- 
tional formula. Notice that this issue is highly significant for algorithms that implement NATs on 
top of circumscriptive theorem provers or classical SAT solvers. Our results give a very preliminary 
answer to this question, by showing that this is, e.g., possible for Horn NATs without fixed letters. 
However, other and more expressive fragments might be identified which have this property. 

• Finally, it remains to develop efficient algorithms and methods for computing NATs, either 
by reduction to an engine for some related KR formalism or logic, or by designing genuine algo- 



rithms. Su's CS program [49] and Doherty et al.'s DLS algorithm [16, 28], which handle the case of 
predicate logic, are incomplete in general and presumably not highly efficient in the propositional 
context. The use of QBF solvers (e.g., [11, 44[ 23]) is here a suggestive starting point for obtaining 
more suitable systems. 

As we believe, addressing these issues is worthwhile since nesting circumscriptions is a natu- 
ral generalization of circumscription, and yields, as shown by our results, a simple yet expressive 
knowledge representation formalism for encoding reasoning tasks with complexity in PSPACE. 



Acknowledgments 

This work was supported by the Austrian Science Fund (FWF) Project Z29-INF. We are grateful 
to the referees of the preliminary conference version of this paper, which had a number of useful 
suggestions for improvements. 



References 

[1] C. Baral. Abductive reasoning through filtering. Artificial Intelligence, 120(1): 1-28, 2000. 

[2] C. Baral, A. Gabaldon, and A. Provetti. Value minimization in circumscription. In L. C. Aiello, J. Doyle, 
and S. Shapiro, editors, KR'96: Principles of Knowledge Representation and Reasoning, pages 474- 
481. Morgan Kaufmann, San Francisco, California, 1996. 



36 



[3] C. Baral, A. Gabaldon, and A. Provetti. Formalizing narratives using nested circumscription. Artificial 
Intelligence, 104(1-2): 107-164, 1998. 

[4] C. Baral, V. Kreinovich, and R. Trejo. Computational complexity of planning and approximate planning 
in the presence of incompleteness. Artificial Intelligence, 122(l/2):241-267, 2000. 

[5] M. Cadoli and F. Donini. A survey on knowledge compilation. AI Communications, 10(3-4):137-150, 
1997. 

[6] M. Cadoli, F. Donini, and M. Schaerf. Space efficiency of propositional knowledge representation 
formalisms. Journal of Artificial Intelligence Research, 13:1-31, 2000. 

[7] M. Cadoli, F. M. Donini, P. Liberatore, and M. Schaerf. Feasibility and unfeasibility of off-line process- 
ing. In Proceedings of the Fourth Israeli Symposium on Theory of Computing and Systems (ISTCS'96), 
pages 100-109. IEEE Computer Society, 1996. 

[8] M. Cadoli, T. Eiter, and G. Gottlob. An efficient method for eliminating varying predicates from a 
circumscription. Artificial Intelligence, 54:397-410, 1992. 

[9] M. Cadoli and M. Lenzerini. The complexity of propositional closed world reasoning and circumscrip- 
tion. Journal of Computer and System Sciences, 43:165-21 1, 1994. 

[10] M. Cadoli and L. Palopoli. Circumscribing DATALOG: Expressive power and complexity. Theoretical 
Computer Science, 193:215-244, 1998. 

[11] M. Cadoli, M. Schaerf, A. Giovanardi, and M. Giovanardi. An algorithm to evaluate quantified Boolean 
formulae and its experimental evaluation. Journal of Automated Reasoning, 28:101-142, 2002. 

[12] E. Dantsin, T. Eiter, G. Gottlob, and A. Voronkov. Complexity and expressive power of logic program- 
ming. ACM Computing Surveys, 33(3):374-425, 2001. 

[13] A. Darwiche. Decomposable negation normal form. Journal of the ACM, 48(4):608-647, 2001. 

[14] A. Darwiche and P. Marquis. A perspective on knowledge compilation. In B. Nebel, editor, Proceedings 
of the 17th International Joint Conference on Artificial Intelligence (IJCAI-01), pages 175-182. Morgan 
Kaufmann, 2001. 

[15] J. de Kleer and K. Konolige. Eliminating the fixed predicates from a circumscription. Artificial Intelli- 
gence, 39:391-398, 1989. 

[16] P. Doherty, W. Lukaszewicz, and A. Szalas. Computing circumscription revisited: A reduction algo- 
rithm. Journal of Automated Reasoning, 18(3):297-336, 1997. 

[17] T. Eiter, W. Faber, N. Leone, and G. Pfeifer. Declarative problem-solving using the DLV system. 
In J. Minker, editor, Logic-Based Artificial Intelligence, pages 79-103. Kluwer Academic Publishers, 
2000. 

[18] T. Eiter and G. Gottlob. Propositional circumscription and extended closed world reasoning are In- 
complete. Theoretical Computer Science, 1 14(2):23 1-245, 1993. Addendum 118:315. 

[19] T. Eiter and G. Gottlob. On the Complexity of Theory Curbing. In M. Parigot and A. Voronkov, editors, 
Proceedings 7 th International Conference on Logic for Programming and Automated Reasoning {LP AR 
2000), Reunion Island, France, number 1955 in LNCS, pages 1-19. Springer, 2000. 

[20] T. Eiter, G. Gottlob, and Y. Gurevich. Curb your theory ! A circumscriptive approach for inclusive in- 
terpretation of disjunctive information. In R. Bajcsy, editor, Proceedings of the Thirteenth International 
Joint Conference on Artificial Intelligence (IJCAI-93), pages 634-639. Morgan Kaufman, 1993. 



37 



[21] T. Eiter, G. Gottlob, and H. Veith. Modular logic programming and generalized quantifiers. In J. Dix, 
U. Furbach, and A. Nerode, editors, Proceedings of the 4th International Conference on Logic Program- 
ming and Nonmonotonic Reasoning (LPNMR-97), number 1265 in LNCS, pages 290-309. Springer, 
1997. 

[22] W. Faber and G. Pfeifer. dlv homepage, since 1996. http://www.dbai.tuwien.ac.at/ 
pro j/dlv/. 

[23] R. Feldmann, B. Monien, and S. Schamberger. A distributed algorithm to evaluate quantified Boolean 
formulae. In Proceedings National Conference onAI(AAAPOO), Austin, Texas, July 30- August 3 2000. 
AAAI Press. 

[24] E. Giunchiglia, G. N. Kartha, and V. Lifschitz. Representing action: Indeterminacy and ramifications. 
Artificial Intelligence, 95(2):409-438, 1997. 

[25] E. Giunchiglia and N. K. V. Lifschitz. Actions with indirect effects (extended). Technical Report 
MRG/DIST # 95-0028, Universita di Genova, Dipartimento Informatica Sistemistica Telematica, 1995. 
Also in: Proc. AAAI Spring Symposium 95 on Extending Theories of Actions. 

[26] G. Gogic, H. Kautz, C. H. Papadimitriou, and B. Selman. The comparative linguistics of knowledge rep- 
resentation. In C. Mellish, editor, Proceedings of the 14th International Joint Conference on Artificial 
Intelligence (IJCAI '95), pages 862-869. Morgan Kaufmann, 1995. 

[27] Y. Gurevich and S. Shelah. Fixpoint extensions of first-order logic. Annals of Pure and Applied Logic, 
32:265-280, 1986. 

[28] J. Gustafsson. An implementation and optimization of an algorithm for reducing formulae in second- 
order logic. Technical Report LiTH-MAT-R-96-04, Dept. of Mathematics, Linkoping University, 1996. 

[29] N. Immerman. Relational queries computable in polynomial time. Information and Control, 68:86-104, 
1986. 

[30] D. S. Johnson. A catalog of complexity classes. In J. van Leeuwen, editor, Handbook of Theoretical 
Computer Science, volume A, chapter 2. Elsevier Science, 1990. 

[31] G. N. Kartha and V. Lifschitz. Actions with indirect effects (preliminary report). In J. Doyle, E. Sande- 
wall, and P. Torasso, editors, Proc. KR-94, pages 341-350. Morgan Kaufmann, San Francisco, Califor- 
nia, 1994. 

[32] G. N. Kartha and V. Lifschitz. A simple formalization of actions using circumscription. In C. Mellish, 
editor, Proceedings of the 14th International Joint Conference on Artificial Intelligence (IJCAI '95), 
pages 1970-1975, San Francisco. Morgan Kaufmann, 1995. 

[33] V. Lifschitz. Computing circumscription. In Proceedings International Joint Conference on Artificial 
Intelligence (//CA/-&5), pages 121-127, 1985. 

[34] V. Lifschitz. Circumscription. In D. Gabbay, C. Hogger, and J. Robinson, editors, Handbook of Logic 
in Artificial Intelligence and Logic Programming, volume III, pages 297-352. Clarendon Press, Oxford, 
1994. 

[35] V. Lifschitz. Nested abnormality theories. Artificial Intelligence, 74(2):35 1-365, 1995. 

[36] J. McCarthy. Circumscription - A form of non-monotonic reasoning. Artificial Intelligence, 13:27-39, 
1980. 

[37] J. McCarthy. Applications of circumscription to formalizing common-sense knowledge. Artificial 
Intelligence, 28:89-116, 1986. 



38 



[38] M. Minoux. LTUR: a simplified linear time unit resolution for Horn formulae and computer implemen- 
tation. Information Processing Letters, 29:1-12, 1988. 

[39] G. Neelakantan Kartha. A circumscriptive formalization of the qualification problem. In B. Nebel, 
editor, Proceedings of the 17th International Joint Conference on Artificial Intelligence (IJCAI-01), 
pages 139-144. Morgan Kaufmann, 2001. 

[40] C. H. Papadimitriou. Computational Complexity. Addison- Wesley, 1994. 

[41] C. Pollett and J. Remmel. Nonmonotonic reasoning with quantified Boolean constraints. In Proceedings 
of the 4th International Conference on Logic Programming and Nonmonotonic Reasoning (LPNMR- 
97), number 1265 in LNCS, pages 18-39. Springer, 1997. 

[42] R. Reiter. A theory of diagnosis from first principles. Artificial Intelligence, 32:57-95, 1987. 

[43] E. Remolina and B. Kuipers. A logical account of causal and topological maps. In B. Nebel, editor, 
Proceedings of the 17th International Joint Conference on Artificial Intelligence (IJCAI-01), pages 5- 
11. Morgan Kaufmann, 2001. 

[44] J. Rintanen. Improvements to the evaluation of quantified Boolean formulae. In Proceedings IJCAI '99, 
pages 1192-1197. AAAI Press, 1999. 

[45] J. Schlipf. Decidability and definability with circumscription. Annals of Pure and Applied Logic, 
35:173-191, 1987. 

[46] B. Selman and H. Kautz. Knowledge compilation and theory approximation. Journal of the ACM, 
43(2): 193-224, 1996. 

[47] J. Sierra-Santibanez. Declarative formalization of strategies for action selection. In Proceedings 7th 
Workshop on Nonmonotonic Reasoning (NMR-2000), Action and Causality track, Trento, Italy, 1998. 

[48] T. C. Son and C. Baral. Formalizing sensing actions: A transition function based approach. Artificial 
Intelligence, 125(1-2):19-91, 2001. 

[49] Z. Su. Automating the computation of nested abnormality theories. Undergraduate Honors Thesis, 
Department of Computer Sciences, University of Texas at Austin, 1995. 

[50] K. Wagner. Bounded query classes. SI AM Journal on Computing, 19(5):833-846, 1990. 



39 



